WPScan - Wordpress Security Scanner - Tool Download And Tutorial ~ Security Explored

Thursday, October 27, 2011

WPScan - Wordpress Security Scanner - Tool Download And Tutorial

3:28 PM Downloads, Other Videos, Videos, Windows Tools No comments

Introduction

WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.

Details

Username enumeration (from author querystring and location header)
Weak password cracking (multithreaded)
Version enumeration (from generator meta tag and from client side files)
Vulnerability enumeration (based on version)
Plugin enumeration (2220 most popular by default)
Plugin vulnerability enumeration (based on version)
Plugin enumeration list generation
Other misc WordPress checks (theme name, dir listing, ...)

Sponsor

Sponsored by the RandomStorm Open Source Initiative.

Video of WPScan in Action

Video of the first PoC

And A video of this tool explained by Ankit Mehta

0 comments:

Post a Comment