If you find a site using a wordpress management system, then,
Try the default background address: / wp-admin automatically jump back / home access login screen background
Username collection: / wp-admin / author = 1 in order to access / author = 1, 2,3,4,5 ... until the end?.
Into the background and then try to write a word Trojan
Wpscan kali use the tool in probing for wordpress version, plug-in
Listed wordpress theme
wpscan --url http://www.xxx.com --enumerate t
Topics include vulnerable
wpscan --url http://www.xxx.com --enumerate vt
Plug list
wpscan --url http://www.xxx.com --enumerate p
Include vulnerable plug-ins
wpscan --url http://www.xxx.com --enumerate vp
Users list
wpscan --url http(s)://www.xxx.com --enumerate u
Launch brute force attacks
--url HTTP wpscan (S): // www.xxx.com -wordlist dictionary directory -username username
Listed timthumbs
wpscan --url http(s)://www.xxx.com --enumerate tt