Now comes the difficult part, finding out the username. You could start with admin, but WordPress usually generates a random username, so it might be difficult to figure out and you might need to do some further research on the target.
In the Mr. Robot example, I know that the username is Elliot (not too hard to guess). You could also try to run hydra against a couple of username lists, but first, we need to use burpsuite to grab some code from the login page.
Start burpsuite by typing
Create a new Temporary Project using the Burp defaults.
Navigate to the Target -> Scope Tab and click on Add to Include the wp-login page to the scope. Select Yes in the pop-up dialogue.
