CompTIA PenTest+ (PT1-002) — Question 3
A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
* Connected to 10.2.11.144 (::1) port 80 (#0)
> GET /readmine.html HTTP/1.1
> Host: 10.2.11.144
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Date: Tue, 02 Feb 2021 21:46:47 GMT
< Server: Apache/2.4.41 (Debian)
< Content-Length: 317
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>WordPress › ReadMe</title>
<link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" />
</head>
Which of the following tools would be BEST for the penetration tester to use to explore this site further?
Answer options
- A. Burp Suite
- B. DirBuster
- C. WPScan
- D. OWASP ZAP
Correct answer: C
Explanation
WPScan is specifically designed for scanning WordPress sites, which makes it the best option here: the response (the "WordPress › ReadMe" title and the wp-admin stylesheet path) indicates that the website is a WordPress installation. Burp Suite and OWASP ZAP are excellent for general web application testing, and DirBuster is useful for directory brute-forcing, but unlike WPScan they are not specifically tailored to WordPress vulnerabilities.