Posted by: Muhammad Haseeb Javed, Tuesday, January 17, 2012



Introduction

WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.

Download

Please download the latest WPScan from our Subversion (SVN) code repository by issuing the following command:

Details

  • Username enumeration (from author querystring and location header)
  • Weak password cracking (multithreaded)
  • Version enumeration (from generator meta tag and from client side files)
  • Vulnerability enumeration (based on version)
  • Plugin enumeration (2220 most popular by default)
  • Plugin vulnerability enumeration (based on plugin name)
  • Plugin enumeration list generation
  • Other misc WordPress checks (theme name, dir listing, ...)
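
The first item above, username enumeration through the author querystring and the Location header, leaves a recognisable pattern in web server access logs. The following Ruby check flags that pattern; it is an added example, not part of the original post or of WPScan, and it assumes combined log format. The function name, threshold and sample log lines are constructed for illustration.

```ruby
# Added example: flag clients sweeping WordPress ?author=N IDs in an access log.
# Assumes combined log format; threshold and sample lines are constructed.
require 'set'

LOG_RE    = /\A(?<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?<target>\S+) [^"]*" (?<status>\d{3}) /
AUTHOR_RE = /[?&]author=(?<id>\d+)(?:&|\z)/
THRESHOLD = 3 # distinct author IDs from one client before it counts as a sweep

# Returns { ip => { ids: [sorted ints], leaked: [ids answered with a 3xx] } }
def author_sweeps(lines, threshold: THRESHOLD)
  seen = Hash.new { |h, k| h[k] = { ids: Set.new, leaked: Set.new } }
  lines.each do |line|
    m = LOG_RE.match(line) or next
    a = AUTHOR_RE.match(m[:target]) or next
    id = a[:id].to_i
    seen[m[:ip]][:ids] << id
    # A 3xx answer means the Location header returned /author/<login>/ to the client.
    seen[m[:ip]][:leaked] << id if m[:status].start_with?('3')
  end
  seen.select { |_, v| v[:ids].size >= threshold }
      .transform_values { |v| { ids: v[:ids].sort, leaked: v[:leaked].sort } }
end

# Constructed sample input (documentation IP ranges, not real traffic).
SAMPLE_LOG = <<~LOG.lines(chomp: true)
  198.51.100.7 - - [17/Jan/2012:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "-"
  198.51.100.7 - - [17/Jan/2012:10:00:01 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "-"
  198.51.100.7 - - [17/Jan/2012:10:00:02 +0000] "GET /?author=3 HTTP/1.1" 404 512 "-" "-"
  198.51.100.7 - - [17/Jan/2012:10:00:02 +0000] "GET /?author=4 HTTP/1.1" 301 0 "-" "-"
  203.0.113.20 - - [17/Jan/2012:10:05:00 +0000] "GET /?author=1 HTTP/1.1" 200 8123 "-" "-"
  203.0.113.20 - - [17/Jan/2012:10:05:09 +0000] "GET /wp-login.php HTTP/1.1" 200 2310 "-" "-"
  192.0.2.5 - - [17/Jan/2012:10:06:00 +0000] "GET /?p=12 HTTP/1.1" 200 9001 "-" "-"
LOG

if __FILE__ == $PROGRAM_NAME
  author_sweeps(SAMPLE_LOG).each do |ip, v|
    puts "#{ip}: probed author IDs #{v[:ids].inspect}, logins exposed for #{v[:leaked].inspect}"
  end
end
```

IDs listed under `leaked` are accounts whose login name was returned in a redirect, so those are the accounts to review for weak passwords first.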

Installing on Windows: (not tested)

gem install typhoeus ("Windows is not officially supported")
gem install xml-simple


- Copyright © _.:Learn To Hack:._ :: Hacking Tutorials :: Warez -Metrominimalist- Powered by Blogger - Designed by Johanes Djogan -