WordPress

Always check /wp-content/plugins

WPScan

wpscan --no-update --url $1 --enumerate u,ap,t,cb,dbe --plugins-detection aggressive | tee wpscan.log

wpscan --no-update --url http://alvida-eatery.org/ --enumerate ap --plugins-detection aggressive -t 100 | tee wpscanPlugins.log

Feroxbuster / Gobuster

https://raw.githubusercontent.com/Perfectdotexe/WordPress-Plugins-List/master/plugins.txt

feroxbuster -u http://backdoor.htb/wp-content/plugins -w plugins.txt
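
Both approaches above request one path under /wp-content/plugins/ per wordlist entry, so on the server side they show up as a single client hitting many distinct plugin directories and getting mostly 404s. The following is an added example (not part of the original notes) that flags that pattern in a combined-format access log; the thresholds, function names and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Common/combined log format: client IP ... "METHOD path PROTO" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')
PLUGIN_RE = re.compile(r'^/wp-content/plugins/(?P<slug>[^/?#]+)')

def find_plugin_enumeration(lines, min_slugs=5, min_miss_ratio=0.8):
    """Return {ip: (distinct_slugs, miss_ratio)} for clients that probed many
    distinct plugin directories and mostly received 404 responses."""
    slugs, hits, misses = defaultdict(set), defaultdict(int), defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        p = PLUGIN_RE.match(m["path"])
        if not p:
            continue  # request is not under the plugins directory
        ip = m["ip"]
        slugs[ip].add(p["slug"].lower())
        hits[ip] += 1
        if m["status"] == "404":
            misses[ip] += 1
    flagged = {}
    for ip, seen in slugs.items():
        ratio = misses[ip] / hits[ip]
        if len(seen) >= min_slugs and ratio >= min_miss_ratio:
            flagged[ip] = (len(seen), round(ratio, 2))
    return flagged

def _line(ip, path, status):
    # Helper that builds one constructed combined-format log line.
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "-"'

# Constructed sample: one client walking a wordlist, one ordinary visitor.
SAMPLE_LOG = [
    _line("203.0.113.7", f"/wp-content/plugins/{s}/", "404")
    for s in ("plugin-a", "plugin-b", "plugin-c", "plugin-d", "plugin-e")
] + [
    _line("203.0.113.7", "/wp-content/plugins/plugin-f/", "403"),  # installed plugin
    _line("198.51.100.20", "/", "200"),
    _line("198.51.100.20", "/wp-content/plugins/plugin-f/css/style.css?ver=1", "200"),
    _line("198.51.100.20", "/wp-content/plugins/plugin-f/js/app.js", "200"),
]

if __name__ == "__main__":
    for ip, (count, ratio) in find_plugin_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: {count} plugin slugs probed, {ratio:.0%} returned 404")
```

Real wordlist runs produce thousands of misses, so min_slugs can be raised well above the sample value to cut noise from broken links.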
