m4ll0k / Wpseku
Licence: gpl-3.0
WPSeku - Wordpress Security Scanner
Stars: ✭ 791
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Wpseku
Web exploit detector
The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Stars: ✭ 81 (-89.76%)
Mutual labels: wordpress, cms, scanner
Cmseek
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Stars: ✭ 1,296 (+63.84%)
Mutual labels: wordpress, cms
Courselit
Start your own online teaching business. Features include course maker, students manager, payments and more.
Stars: ✭ 73 (-90.77%)
Mutual labels: wordpress, cms
Hrcloud2
A full-featured home hosted Cloud Drive, Personal Assistant, App Launcher, File Converter, Streamer, Share Tool & More!
Stars: ✭ 134 (-83.06%)
Mutual labels: wordpress, cms
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+13.4%)
Mutual labels: wordpress, scanner
Wp Multitenancy Boilerplate
WordPress multitenancy boilerplate configured and managed with Composer and PHP dotenv.
Stars: ✭ 24 (-96.97%)
Mutual labels: wordpress, cms
Red hawk
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Stars: ✭ 1,898 (+139.95%)
Mutual labels: wordpress, scanner
Killshot
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (-70.04%)
Mutual labels: wordpress, cms
Cms
GleezCMS - A Light, Simple, Flexible Content Management System
Stars: ✭ 200 (-74.72%)
Mutual labels: wordpress, cms
Php Antimalware Scanner
AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (-77.12%)
Mutual labels: wordpress, scanner
Whatcms
CMS Detection and Exploit Kit based on Whatcms.org API
Stars: ✭ 205 (-74.08%)
Mutual labels: cms, scanner
Vuefront
VueFront Core. Turn your old-fashioned CMS website in to a SPA & PWA in 5 minutes
Stars: ✭ 316 (-60.05%)
Mutual labels: wordpress, cms
Slickstack
SlickStack is a free LEMP stack automation script written in Bash designed to enhance and simplify WordPress provisioning, performance, and security.
Stars: ✭ 311 (-60.68%)
Mutual labels: wordpress, cms
Wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
Stars: ✭ 6,244 (+689.38%)
Mutual labels: wordpress, scanner
Bbs
巡云轻论坛系统包含论坛、问答模块。系统采用JAVA+MYSQL架构,自适应手机端和电脑端,界面简洁,性能高效。数据库表结构设计使用分表方案,提高系统的负载能力。后台数据库备份/还原、全站指定目录打包、一键自动升级等功能使维护简单方便。系统拥有强大的模板管理功能,布局版块支持设置输出条件,让前端页面展示方便快捷。
Stars: ✭ 712 (-9.99%)
Mutual labels: cms
Extended Cpts
A library which provides extended functionality to WordPress custom post types and taxonomies.
Stars: ✭ 705 (-10.87%)
Mutual labels: wordpress
WPSeku - Wordpress Security Scanner
Note: building of a new version is underway...
WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.
Installation
$ git clone https://github.com/m4ll0k/WPSeku.git wpseku
$ cd wpseku
$ pip3 install -r requirements.txt
$ python3 wpseku.py
Usage
Generic Scan
python3 wpseku.py --url https://www.xxxxxxx.com --verbose
- Output
----------------------------------------
_ _ _ ___ ___ ___| |_ _ _
| | | | . |_ -| -_| '_| | |
|_____| _|___|___|_,_|___|
|_| v0.4.0
WPSeku - Wordpress Security Scanner
by Momo Outaadi (m4ll0k)
----------------------------------------
[ + ] Target: https://www.xxxxxxx.com
[ + ] Starting: 02:38:51
[ + ] Server: Apache
[ + ] Uncommon header "X-Pingback" found, with contents: https://www.xxxxxxx.com/xmlrpc.php
[ i ] Checking Full Path Disclosure...
[ + ] Full Path Disclosure: /home/ehc/public_html/wp-includes/rss-functions.php
[ i ] Checking wp-config backup file...
[ + ] wp-config.php available at: https://www.xxxxxxx.com/wp-config.php
[ i ] Checking common files...
[ + ] robots.txt file was found at: https://www.xxxxxxx.com/robots.txt
[ + ] xmlrpc.php file was found at: https://www.xxxxxxx.com/xmlrpc.php
[ + ] readme.html file was found at: https://www.xxxxxxx.com/readme.html
[ i ] Checking directory listing...
[ + ] Dir "/wp-admin/css" listing enable at: https://www.xxxxxxx.com/wp-admin/css/
[ + ] Dir "/wp-admin/images" listing enable at: https://www.xxxxxxx.com/wp-admin/images/
[ + ] Dir "/wp-admin/includes" listing enable at: https://www.xxxxxxx.com/wp-admin/includes/
[ + ] Dir "/wp-admin/js" listing enable at: https://www.xxxxxxx.com/wp-admin/js/
......
Bruteforce Login
python3 wpseku.py --url https://www.xxxxxxx.com --brute --user test --wordlist wl.txt --verbose
- Output
----------------------------------------
_ _ _ ___ ___ ___| |_ _ _
| | | | . |_ -| -_| '_| | |
|_____| _|___|___|_,_|___|
|_| v0.4.0
WPSeku - Wordpress Security Scanner
by Momo Outaadi (m4ll0k)
----------------------------------------
[ + ] Target: https://www.xxxxxxx.com
[ + ] Starting: 02:46:32
[ + ] Bruteforcing Login via XML-RPC...
[ i ] Setting user: test
[ + ] Valid Credentials:
-----------------------------
| Username | Passowrd |
-----------------------------
| test | kamperasqen13 |
-----------------------------
Scan plugin,theme and wordpress code
python3 wpseku.py --scan <dir/file> --verbose
Note: Testing Akismet Directory Plugin https://plugins.svn.wordpress.org/akismet
- Output
----------------------------------------
_ _ _ ___ ___ ___| |_ _ _
| | | | . |_ -| -_| '_| | |
|_____| _|___|___|_,_|___|
|_| v0.4.0
WPSeku - Wordpress Security Scanner
by Momo Outaadi (m4ll0k)
----------------------------------------
[ + ] Checking PHP code...
[ + ] Scanning directory...
[ i ] Scanning trunk/class.akismet.php file
----------------------------------------------------------------------------------------------------------
| Line | Possibile Vuln. | String |
----------------------------------------------------------------------------------------------------------
| 597 | Cross-Site Scripting | [b"$_GET['action']", b"$_GET['action']"] |
| 601 | Cross-Site Scripting | [b"$_GET['for']", b"$_GET['for']"] |
| 140 | Cross-Site Scripting | [b"$_POST['akismet_comment_nonce']", b"$_POST['akismet_comment_nonce']"] |
| 144 | Cross-Site Scripting | [b"$_POST['_ajax_nonce-replyto-comment']"] |
| 586 | Cross-Site Scripting | [b"$_POST['status']", b"$_POST['status']"] |
| 588 | Cross-Site Scripting | [b"$_POST['spam']", b"$_POST['spam']"] |
| 590 | Cross-Site Scripting | [b"$_POST['unspam']", b"$_POST['unspam']"] |
| 592 | Cross-Site Scripting | [b"$_POST['comment_status']", b"$_POST['comment_status']"] |
| 599 | Cross-Site Scripting | [b"$_POST['action']", b"$_POST['action']"] |
| 214 | Cross-Site Scripting | [b"$_SERVER['HTTP_REFERER']", b"$_SERVER['HTTP_REFERER']"] |
| 403 | Cross-Site Scripting | [b"$_SERVER['REQUEST_TIME_FLOAT']", b"$_SERVER['REQUEST_TIME_FLOAT']"] |
| 861 | Cross-Site Scripting | [b"$_SERVER['REMOTE_ADDR']", b"$_SERVER['REMOTE_ADDR']"] |
| 930 | Cross-Site Scripting | [b"$_SERVER['HTTP_USER_AGENT']", b"$_SERVER['HTTP_USER_AGENT']"] |
| 934 | Cross-Site Scripting | [b"$_SERVER['HTTP_REFERER']", b"$_SERVER['HTTP_REFERER']"] |
| 1349 | Cross-Site Scripting | [b"$_SERVER['REMOTE_ADDR']"] |
----------------------------------------------------------------------------------------------------------
[ i ] Scanning trunk/wrapper.php file
[ + ] Not found vulnerabilities
[ i ] Scanning trunk/akismet.php file
-----------------------------------------------
| Line | Possibile Vuln. | String |
-----------------------------------------------
| 55 | Authorization Hole | [b'is_admin()'] |
-----------------------------------------------
[ i ] Scanning trunk/class.akismet-cli.php file
[ + ] Not found vulnerabilities
[ i ] Scanning trunk/class.akismet-widget.php file
[ + ] Not found vulnerabilities
[ i ] Scanning trunk/index.php file
[ + ] Not found vulnerabilities
[ i ] Scanning trunk/class.akismet-admin.php file
--------------------------------------------------------------------------------------------------------------------
| Line | Possibile Vuln. | String |
--------------------------------------------------------------------------------------------------------------------
| 39 | Cross-Site Scripting | [b"$_GET['page']", b"$_GET['page']"] |
| 134 | Cross-Site Scripting | [b"$_GET['akismet_recheck']", b"$_GET['akismet_recheck']"] |
| 152 | Cross-Site Scripting | [b"$_GET['view']", b"$_GET['view']"] |
| 190 | Cross-Site Scripting | [b"$_GET['view']", b"$_GET['view']"] |
| 388 | Cross-Site Scripting | [b"$_GET['recheckqueue']"] |
| 841 | Cross-Site Scripting | [b"$_GET['view']", b"$_GET['view']"] |
| 843 | Cross-Site Scripting | [b"$_GET['view']", b"$_GET['view']"] |
| 850 | Cross-Site Scripting | [b"$_GET['action']"] |
| 851 | Cross-Site Scripting | [b"$_GET['action']"] |
| 852 | Cross-Site Scripting | [b"$_GET['_wpnonce']", b"$_GET['_wpnonce']"] |
| 868 | Cross-Site Scripting | [b"$_GET['token']", b"$_GET['token']"] |
| 869 | Cross-Site Scripting | [b"$_GET['token']"] |
| 873 | Cross-Site Scripting | [b"$_GET['action']"] |
| 874 | Cross-Site Scripting | [b"$_GET['action']"] |
| 1005 | Cross-Site Scripting | [b"$_GET['akismet_recheck_complete']"] |
| 1006 | Cross-Site Scripting | [b"$_GET['recheck_count']"] |
| 1007 | Cross-Site Scripting | [b"$_GET['spam_count']"] |
| 31 | Cross-Site Scripting | [b"$_POST['action']", b"$_POST['action']"] |
| 256 | Cross-Site Scripting | [b"$_POST['_wpnonce']"] |
| 260 | Cross-Site Scripting | [b'$_POST[$option]', b'$_POST[$option]'] |
| 267 | Cross-Site Scripting | [b"$_POST['key']"] |
| 392 | Cross-Site Scripting | [b"$_POST['offset']", b"$_POST['offset']", b"$_POST['limit']", b"$_POST['limit']"] |
| 447 | Cross-Site Scripting | [b"$_POST['id']"] |
| 448 | Cross-Site Scripting | [b"$_POST['id']"] |
| 460 | Cross-Site Scripting | [b"$_POST['id']", b"$_POST['url']"] |
| 461 | Cross-Site Scripting | [b"$_POST['id']"] |
| 464 | Cross-Site Scripting | [b"$_POST['url']"] |
| 388 | Cross-Site Scripting | [b"$_REQUEST['action']", b"$_REQUEST['action']"] |
| 400 | Cross-Site Scripting | [b"$_SERVER['HTTP_REFERER']", b"$_SERVER['HTTP_REFERER']"] |
--------------------------------------------------------------------------------------------------------------------
[ i ] Scanning trunk/class.akismet-rest-api.php file
[ + ] Not found vulnerabilities
Docker container
Docker implementation to containerize the application.
$ git clone https://github.com/m4ll0k/WPSeku.git wpseku
$ cd wpseku
$ docker build -t wpseku .
$ docker run wpseku
Docker run:
[email protected]:~/$ docker run wpseku
----------------------------------------
_ _ _ ___ ___ ___| |_ _ _
| | | | . |_ -| -_| '_| | |
|_____| _|___|___|_,_|___|
|_| v0.4.0
WPSeku - Wordpress Security Scanner
by Momo Outaadi (m4ll0k)
----------------------------------------
Usage: wpseku.py [options]
-u --url Target URL (e.g: http://site.com)
-b --brute Bruteforce login via xmlrpc
-U --user Set username for bruteforce, default "admin"
-s --scan Checking wordpress plugin code
-p --proxy Use a proxy, (host:port)
-c --cookie Set HTTP Cookie header value
-a --agent Set HTTP User-agent header value
-r --ragent Use random User-agent header value
-R --redirect Set redirect target URL False
-t --timeout Seconds to wait before timeout connection
-w --wordlist Set wordlist, default "db/wordlist.txt"
-v --verbose Print more informations
-h --help Show this help and exit
Example:
wpseku.py --url http://site.com/
wpseku.py --url http://site.com --brute --user test
wpseku.py --url http://site.com/ --brute --user admin --wordlist wordlist.txt
Credits and Contributors
Original idea and script from WPScan Team (https://wpscan.org/)
WPScan Vulnerability Database (https://wpvulndb.com/api)
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].