Skip to content
/ wpyscan Public

Like WPScan but UNLIMITED and FREE. A tool developed in Python for enumerating and scanning WordPress websites.

amtzespinosa.github.io/posts/wpyscan-free-wordpress-vulnerability-scanner-python/
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

amtzespinosa/wpyscan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

avoidance

avoidance

 
 

config_backups

config_backups

 
 

db_exports

db_exports

 
 

findings

findings

 
 

img

img

 
 

models

models

 
 

plugins

plugins

 
 

themes

themes

 
 

users

users

 
 

vulnerabilities

vulnerabilities

 
 

vulnerabilities_fetcher

vulnerabilities_fetcher

 
 

wp_version

wp_version

 
 

README.md

README.md

 
 

install.sh

install.sh

 
 

main.py

main.py

 
 

main_win.py

main_win.py

 
 

scanner.py

scanner.py

 
 

setup.bat

setup.bat

 
 

wpyscan

wpyscan

 
 

wpyscan-uninstall

wpyscan-uninstall

 
 

wpyscan.bat

wpyscan.bat

 
 

Repository files navigation

WPyScan

version build license

python

A tool developed in Python for enumerating and scanning WordPress websites. It is an easy-to-use tool that can be run from the command line. WPyScan can enumerate and find any vulnerability associated with version, theme and plugins installed.

Features

  • FREE UNLIMITED API queries
  • WordFence WordPress Vulnerability Database
  • Brute Force enumeration available for almost any check
  • WAF Bypass with random user agents by default
  • Measures for CAPTCHA avoidance

Note

WPyScan has been launched but not thoroughly tested. Please, open any issue you encounter and help improve the tool. The code is dirty and full of bad practices. I am not a developer but a hacker. If you want to contribute, you are welcome.

Screenshot

What can WPyScan check for?

  • The version of WordPress installed and any associated vulnerabilities
  • What plugins are installed and any associated vulnerabilities
  • What themes are installed and any associated vulnerabilities
  • Username enumeration
  • Users with weak passwords via password brute forcing
  • Backed up and publicly accessible wp-config.php files
  • Database dumps that may be publicly accessible
  • If error logs are exposed by plugins
  • Media file enumeration
  • If the WordPress readme file is present
  • If WP-Cron is enabled
  • If user registration is enabled
  • Full Path Disclose
  • Upload directory listing
  • And much more... AND FOR FREE WITH NO LIMITS

Usage

Windows

Note

Still unsure about why but it works better on Windows rather than on Linux. I am working on this but I would appreciate any help.

Just run setup.bat file and all requirements will be installed. Then, just run wpyscan.bat and you'll be prompted to enter a WordPress URL, enter it and hit enter.

Ubuntu (buggy and unreliable)

Clone the repo and get inside the folder:

sudo git clone https://github.com/amtzespinosa/wpyscan.git
cd wpyscan
sudo chmod +x install.sh

Then, run the script: sudo ./install.sh. If you want to get rid of this amazing tool, just run wpyscan-uninstall anywhere.

By now, only simple use is available:

sudo wpyscan -u [URL]

URL format: https://example.com/

Note

Scan will take long. Due to the many scans performed and the avoidance of security measures implemented by the websites, scans are slow. Be patient.

Modules

Documentation is on its way!

TODO

  • Test, test, test... and test!
  • Clean the code
  • Make it a CLI tool, not just single scripts (I am having troubles with this so any help will be welcome!)
  • Polish all the modules and their execution
  • Make it more precise and reliable
  • Add proxying to all modules

About

Like WPScan but UNLIMITED and FREE. A tool developed in Python for enumerating and scanning WordPress websites.

amtzespinosa.github.io/posts/wpyscan-free-wordpress-vulnerability-scanner-python/

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages