Geekiest Techno News

WPScan: A WordPress Vulnerability Scanner

Note for l33ts:- WordPress ur goin down baby :p


WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.


Download the latest WPScan from the Subversion (SVN) code repository by issuing the following command:

svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan


  • Username enumeration (from author querystring and location header)
  • Weak password cracking (multithreaded)
  • Version enumeration (from generator meta tag and from client side files)
  • Vulnerability enumeration (based on version)
  • Plugin enumeration (2220 most popular by default)
  • Plugin vulnerability enumeration (based on plugin name)
  • Plugin enumeration list generation
  • Other misc WordPress checks (theme name, dir listing, …)
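
As an added example (not WPScan's code and not from the original post), here is a defender-side check for two of the disclosures in the list above: the version in the generator meta tag and client-side file URLs, and the author slug in the Location header. It parses responses you have already saved from your own site; the function names, sample responses and the blog.example host are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs


class ExposureParser(HTMLParser):
    """Collects the generator meta tag and ?ver= values on script/style URLs."""
    def __init__(self):
        super().__init__()
        self.generator = None
        self.asset_versions = set()

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "generator":
            self.generator = a.get("content", "")
        url = a.get("src") if tag == "script" else a.get("href") if tag == "link" else None
        if url:  # ?ver= may be the core version or a bundled library's own version
            self.asset_versions.update(parse_qs(urlparse(url).query).get("ver", []))


def audit_homepage(html):
    """Return version strings the page discloses, keyed by where they leak."""
    p = ExposureParser()
    p.feed(html)
    findings = {}
    m = re.match(r"WordPress\s+([\d.]+)", p.generator or "")
    if m:
        findings["generator_meta"] = m.group(1)
    if p.asset_versions:
        findings["asset_ver_params"] = sorted(p.asset_versions)
    return findings


def audit_author_redirect(status, headers):
    """Return the author slug disclosed by a response to /?author=N, or None."""
    location = {k.lower(): v for k, v in headers.items()}.get("location", "")
    m = re.search(r"/author/([^/?#]+)", urlparse(location).path)
    return m.group(1) if status in (301, 302) and m else None


# Constructed sample responses (not captured from any real site).
SAMPLE_HTML = """<html><head>
<meta name="generator" content="WordPress 3.1.3" />
<link rel="stylesheet" href="/wp-content/themes/x/style.css?ver=3.1.3" />
<script src="/wp-includes/js/jquery/jquery.js?ver=1.4.4"></script>
</head><body></body></html>"""
SAMPLE_REDIRECT = (301, {"Location": "http://blog.example/author/admin/"})

if __name__ == "__main__":
    print(audit_homepage(SAMPLE_HTML), audit_author_redirect(*SAMPLE_REDIRECT))
```

An empty result from both functions means these two sources no longer disclose the version or an author slug; it says nothing about the other checks in the list.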