Skip to content
Wordpress scripts for information gathering and pen testing
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.


Type Name Latest commit message Commit time
Failed to load latest commit information.

All code and information for educational purposes only

Tools for Wordpress cms information gathering and penetration testing.

wp_find_password - script to find password for specific username using XML-RPC WordPress API

wp_info_gathering - wordpress info gathering like: wordpress version, xmlrpc API enabled or disabled, user enumeration.
usage: wp_info_gathering -u '' -wxe -n 2, will get version, XML-RPC disabled/enabled, enumeration with max enumeration number is 2

Password lists taken from SecList.

wp_single_page_analysis - wordpress single page analysis or passive information gathering, script to gather information about wordpress loading single page only


Copyright (c) 2017 Igor Zhivilo @warolv. See MIT-LICENSE for further details.

You can’t perform that action at this time.