Page | 24 www.hackingarticles.in
Docker for Pentester: Pentesting Framework WPScan Now let’s continue with our f
irst pentest tool which is used to scan the WordPress CMS-designed
website known as WPScan. Open the terminal on your local machine and execute the following
command as a superuser, it downloads and builds the docker package.
So we have a WordPress pentestlab, you can create your own WordPress pentestlab and learn more
from
here.
docker pull wpscanteam/wpscan
Page | 25 www.hackingarticles.in
To use the WPScan docker image you just need to run following command and start pentesting your
WordPress.
docker run -it --rm wpscanteam/wpscan --url http://192.168.1.105/wordpress/
Page | 26 www.hackingarticles.in
SQLmap As we have already told you how to develop your own docking penetration assessment platform, this
is SQLMAP for SQL injection testing on our website as our next import pentesting tool. Run the next
command, which pulls the SQLMAP docker image.
Assuming testpphp.vulnweb.com is the target website I would like to use sqlmap to test SQL Injection
for.
docker pull googlesky/sqlmap
Page | 27 www.hackingarticles.in
For use the SQLMAP docker image only you need to run the following command and start SQL injection
testing.