Thursday, July 14, 2011

WPSCAN - WordPress Security & vulnerability Scanner

WPSCAN - WordPress Security & vulnerability Scanner



WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.

Details
Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version) (todo)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)

1 comment:

James Zicrov said...

I really like reading through a post that can make people think. Also, many thanks for permitting me to comment!

Wordpress Security Scanner