wpfinger is a red-team WordPress scanning tool.
- Core version detection
- Plugin scanning through fingerprinting
- Vulnerability output, using database from Wordfence
wpfinger update
Will update the database with the latest vulnerabilities and plugin fingerprint.
wpfinger scan -u https://example.com
Flag | Description |
---|---|
--all | Will scan for all plugins, default is vulnerable only |
--url | Target WordPress URL |
The installation is easy. You can download the pre-built binaries for your platform from the Releases page.
▶ chmod +x wpfinger
▶ mv wpfinger /usr/local/bin/wpfinger
▶ go install github.com/LeakIX/wpfinger/cmd/wpfinger@latest
▶ ${GOPATH}/bin/wpfinger -h
Vulnerability database is courtesy of Wordfence.