12 July 2011 | 16,732 views

WPScan – WordPress Security/Vulnerability Scanner


WPScan is a vulnerability scanner that checks the security of WordPress installations using a black-box approach (scanning without any prior knowledge of what has been installed).

Features

  • Username enumeration (from author querystring and location header)
  • Weak password cracking (multithreaded)
  • Version enumeration (from generator meta tag)
  • Vulnerability enumeration (based on version)
  • Plugin enumeration (2220 most popular by default)
  • Plugin vulnerability enumeration (based on version) (todo)
  • Plugin enumeration list generation
  • Other misc WordPress checks (theme name, dir listing, …)
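A defender-side check for the first feature in the list, as an added example that is not from the original post or from WPScan: it scans web-server access logs for a single client requesting many distinct `?author=N` IDs. The log lines are constructed, and the function name, the `min_ids` threshold and the reading of a 3xx answer as "this ID resolved to an author URL" are assumptions of this example.

```ruby
require 'set'

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = <<~LOG
  203.0.113.7 - - [12/Jul/2011:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "-"
  203.0.113.7 - - [12/Jul/2011:10:00:01 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "-"
  203.0.113.7 - - [12/Jul/2011:10:00:02 +0000] "GET /?author=3 HTTP/1.1" 404 0 "-" "-"
  203.0.113.7 - - [12/Jul/2011:10:00:02 +0000] "GET /?author=4 HTTP/1.1" 301 0 "-" "-"
  198.51.100.20 - - [12/Jul/2011:10:05:00 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "Mozilla/5.0"
  198.51.100.20 - - [12/Jul/2011:10:05:09 +0000] "GET /author/alice/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
  192.0.2.44 - - [12/Jul/2011:10:06:00 +0000] "GET /?s=author=9 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
  not a log line
LOG

# Client IP, request target and status code from a common/combined log line.
LINE_RE = /\A(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) /
# "author" must be a query parameter of its own, with a purely numeric value.
AUTHOR_RE = /[?&]author=(\d+)(?:&|\z)/

# Returns { ip => { ids: [...], redirects: n } } for every client that asked
# for at least min_ids distinct author IDs. "redirects" counts 3xx answers,
# i.e. (assumption) requests where the Location header exposed an author URL.
def author_enumeration_suspects(log_text, min_ids: 3)
  seen = Hash.new { |h, ip| h[ip] = { ids: Set.new, redirects: 0 } }
  log_text.each_line do |line|
    m = LINE_RE.match(line) or next        # skip lines that are not log entries
    ip, path, status = m.captures
    id = path[AUTHOR_RE, 1] or next        # skip requests without ?author=N
    seen[ip][:ids] << id.to_i
    seen[ip][:redirects] += 1 if status.start_with?('3')
  end
  seen.select { |_, v| v[:ids].size >= min_ids }
      .transform_values { |v| { ids: v[:ids].sort, redirects: v[:redirects] } }
end

if __FILE__ == $PROGRAM_NAME
  author_enumeration_suspects(SAMPLE_LOG).each do |ip, v|
    puts "#{ip}: author IDs #{v[:ids].inspect}, #{v[:redirects]} redirect(s)"
  end
end
```

A single visitor following one author link stays below the threshold; the count of redirects tells you how many usernames the sweep is likely to have collected.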

Requirements

WPScan requires two non-native Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.

The full README is available here.

You can download WPScan by checking it out from the SVN repository on Google Code:

Or you can read more here.





                
