Wordpress scripts for information gathering and pen testing
Ruby
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
README.md
wp_find_password.rb
wp_info_gathering.rb
wp_single_page_analysis.rb

README.md

All code and information for educational purposes only

Tools for Wordpress cms information gathering and penetration testing.

wp_find_password - script to find password for specific username using XML-RPC WordPress API

wp_info_gathering - wordpress info gathering like: wordpress version, xmlrpc API enabled or disabled, user enumeration.
usage: wp_info_gathering -u 'http://127.0.0.1:8080' -wxe -n 2, will get version, XML-RPC disabled/enabled, enumeration with max enumeration number is 2

Password lists taken from SecList.

wp_single_page_analysis - wordpress single page analysis or passive information gathering, script to gather information about wordpress loading single page only

License

Copyright (c) 2017 Igor Zhivilo @warolv. See MIT-LICENSE for further details.