A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
Branch: master
Clone or download
Gaurav Mishra
Latest commit 40a195e Jan 14, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
data bug fix Jan 3, 2019
ssl Creating project Jan 2, 2019
static Adding footer social icons Jan 14, 2019
.gitignore Adding .gitignore Jan 2, 2019
LICENSE Initial commit Jan 2, 2019
README.md Update README.md Jan 13, 2019
config.json Removed hardcoded credentials Jan 2, 2019
package.json Implemented CSRF Protection Jan 3, 2019
server.js Schedule delete bug fixed Jan 9, 2019

README.md

WPScan Web Interface (version 1.0b)

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility. It has following features:

  1. Login Page-
    • Authentication is required to access the application.
  2. Dashboard Page-
    • On Demand Scan : Run scans instantly by either providing a URL or a text file having multiple URL's seprated by a new line as an input.
    • Scan History : View or delete scan history and reports.
    • Schedule Scan : Configure scans to run automatically, or on a recurring basis just like a cron job in linux.
    • Scheduled Scan History : Edit cron rule or delete any scheduled scan.
  3. Report Page-
    • View or print the details of vulnerabilities discovered after scan completes.

Key Features

* Performs scan for single or multiple WordPress applications asynchronously
* Supports both on demand and scheduled scans (like a cron job)
* Cross-platform application

How to Setup?

* Download and Install Node.js- https://nodejs.org/en/download/
* Install wpscan- https://wpscan.org/
* git clone https://github.com/cyc10n3/WPScan_Web_Interface.git
* cd  WPScan_Web_Interface
* npm install (for installing node modules or dependencies)
* npm start
* Open https://localhost:1337 or https://127.0.0.1:1337 in browser
* Login with default credentials (admin/cyc10n3)

#f03c15 It is recommended to change the login password by modifying config.jsonfile.

Screenshots

Login

Login

Dashboard: On-demand Scan

Dashboard: On-demand Scan

Dashboard: Schedule Scan

Dashboard: Schedule Scan

Scan Report

Scan Report

Known Issues

* Login bruteforce possible

Authors

License

This project is licensed under the MIT License - see the LICENSE file for details