8:15 PMWord Press Vulnerability Scanner | Download WP Scanner | Learn Ethical Hacking in Punjab ~ Chandigarh
WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach (scanning without any prior knowledge of what has been installed etc).
Username enumeration (from author querystring and location header) Weak password cracking (multithreaded) Version enumeration (from generator meta tag) Vulnerability enumeration (based on version) Plugin enumeration (2220 most popular by default) Plugin vulnerability enumeration (based on version) (todo) Plugin enumeration list generation Other misc WordPress checks (theme name, dir listing, …)
WPScan requires two non native Ruby gems, typhoeus and xml-simple. It should work on both Ruby 1.8.x and 1.9.x.
sudo apt-get install libcurl4-gnutls-dev
sudo gem install –user-install typhoeus
sudo gem install –user-install xml-simple
You can download WPScan by checking it out from the SVN repository on Google Code:
svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only
This is one of the latest wordpress vulnerability scanner for professional pen testers not recommended for new bees.