WPScan is a free (for non-commercial use) black box WordPress security scanner written for security professionals and bloggers to test the security of their sites.
- (Optional but highly recommended: RVM)
- Ruby >= 2.3 – Recommended: latest
- Ruby 2.5.0 to 2.5.3 can cause an ‘undefined symbol: rmpd_util_str_to_d’ error in some systems, see #1283
- Curl >= 7.21 – Recommended: latest
- The 7.29 has a segfault
- RubyGems – Recommended: latest
- Nokogiri might require packages to be installed via your package manager depending on your OS, see https://nokogiri.org/tutorials/installing_nokogiri.html