Checking for the existence of WP-Admin or WP-Login is one of the first things we do when checking the security of our customer’s websites. Good thing we follow our own advice eh?
Please see our Responsible Disclosure policy for more information about our approach to vulnerabilities.
It is very important to ensure that you stay on the right side of the law. Randomly scanning websites is illegal in most jurisdictions. For more information see here.