WPSeku - Black-Box Remote WordPress Security Scanner - Darknet - Hacking Tools, Hacker News & Cyber Security

WPSeku is a black box WordPress Security scanner that can be used to scan remote WordPress installations to find security issues and vulnerabilities.

WPSeku - Black-Box Remote WordPress Security Scanner

Features of WPSeku WordPress Security Scanner

WPSeku supports various types of scanning including:

Testing for XSS Vulnerabilities
Testing for SQL Injection Vulnerabilities
Testing for LFI Vulnerabilities
Bruteforce login via xmlrpc
Username Enumeration
Proxy Support
Method (GET/POST)
Custom Wordlists
Custom user-agent

It also uses the WPVulnDB Vulnerability Database API at https://wpvulndb.com/api.

Using WPSeku WordPress Security Scanner

\ \      / /  _ \/ ___|  ___| | ___   _ 
 \ \ /\ / /| |_) \___ \ / _ \ |/ / | | |
  \ V  V / |  __/ ___) |  __/   <| |_| |
   \_/\_/  |_|   |____/ \___|_|\_\\__,_|
                                         
|| WPSeku - Wordpress Security Scanner   
|| Version 0.2.1                         
|| Momo Outaadi (M4ll0k)                 
|| https://github.com/m4ll0k/WPSeku


Usage: ./wpseku.py [--target|-t] http://localhost
		-t --target		Target URL (eg: http://localhost)
		-x --xss		Testing XSS vulns
		-s --sql		Testing SQL vulns
		-l --lfi		Testing LFI vulns
		-q --query		Testable parameters (eg: "id=1&test=1")
		-b --brute		Bruteforce login via xmlrpc
		-u --user		Set username, default=admin
		-p --proxy		Set proxy, (host:port)
		-m --method		Set method (GET/POST)
		-c --cookie		Set cookies
		-w --wordlist	Set wordlist
		-a --agent		Set user-agent
		-r --redirect	Redirect target url, default=True
		-h --help		Show this help and exit

Examples:
		wpseku.py --target http://localhost
		wpseku.py -t http://localhost/wp-admin/post.php -m GET -q "post=49&action=edit" [-x,-s,-l]
		wpseku.py --target http://localhost --brute --wordlist dict.txt
		wpseku.py --target http://localhost --brute --user test --wordlist dict.txt

\ \ / / _ \/ ___| ___| | ___ _

\ \ /\ / /| |_) \___ \ / _ \ |/ / | | |

\ V V / | __/ ___) | __/ <| |_| |

\_/\_/ |_| |____/ \___|_|\_\\__,_|

|| WPSeku - Wordpress Security Scanner

|| Version 0.2.1

|| Momo Outaadi (M4ll0k)

|| https://github.com/m4ll0k/WPSeku

Usage: ./wpseku.py [--target|-t] http://localhost

-t --target Target URL (eg: http://localhost)

-x --xss Testing XSS vulns

-s --sql Testing SQL vulns

-l --lfi Testing LFI vulns

-q --query Testable parameters (eg: "id=1&test=1")

-b --brute Bruteforce login via xmlrpc

-u --user Set username, default=admin

-p --proxy Set proxy, (host:port)

-m --method Set method (GET/POST)

-c --cookie Set cookies

-w --wordlist Set wordlist

-a --agent Set user-agent

-r --redirect Redirect target url, default=True

-h --help Show this help and exit

Examples:

wpseku.py --target http://localhost

wpseku.py -t http://localhost/wp-admin/post.php -m GET -q "post=49&action=edit" [-x,-s,-l]

wpseku.py --target http://localhost --brute --wordlist dict.txt

wpseku.py --target http://localhost --brute --user test --wordlist dict.txt

WPSeku WordPress Security Scan Installation

# git clone https://github.com/m4ll0k/WPSeku.git
# cd WPSeku
# pip install -r requirements.txt
# python wpseku.py

# git clone https://github.com/m4ll0k/WPSeku.git

# cd WPSeku

# pip install -r requirements.txt

# python wpseku.py

There’s also these to check out:

– Plecost – WordPress Fingerprinting Tool
– CMSmap – Content Management System Security Scanner
– WPScan – WordPress Vulnerability Scanner

You can download WPSeku here:

Or read more here.

570 Shares

WPSeku – Black-Box Remote WordPress Security Scanner

Features of WPSeku WordPress Security Scanner

Using WPSeku WordPress Security Scanner

WPSeku WordPress Security Scan Installation

Most Viewed Posts

Search

Recent Posts

Features of WPSeku WordPress Security Scanner

Using WPSeku WordPress Security Scanner

WPSeku WordPress Security Scan Installation

Reader Interactions

Comments

Footer

Most Viewed Posts

Search

Recent Posts

Tags