WPSeku is a black box WordPress vulnerability scanner.

EL-Capitan / May 26, 2017 / Comments Off / Penetration Test, Scanner

WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.
Dependencies:
– Python 2.7.x
– git and Internet Connection 🙂

WPSeku v0.2

Usage:

git clone https://github.com/m4ll0k/WPSeku && cd WPSeku

Examples:
wpseku.py -t http://www.target.com
wpseku.py -t target.com/wp-admin/admin-ajax.php -q id=1&cat=2 -m POST [-x,-s,-l]
wpseku.py -t target.com/path/wp-content/plugins/hello/hello.php -q id=1&test=2 -m GET [-x,-s,-l]
wpseku.py -t http://target.com --brute [l,x] --user admin --wordlist dict.txt

git clone https://github.com/m4ll0k/WPSeku && cd WPSeku

Examples:

wpseku.py -t http://www.target.com

wpseku.py -t target.com/wp-admin/admin-ajax.php -q id=1&cat=2 -m POST [-x,-s,-l]

wpseku.py -t target.com/path/wp-content/plugins/hello/hello.php -q id=1&test=2 -m GET [-x,-s,-l]

wpseku.py -t http://target.com --brute [l,x] --user admin --wordlist dict.txt

Source: https://github.com/m4ll0k

Tags: Brute Force, lfi, Sql Injection, Vulnerability Scanner, wordpress, XSS Attack

Archives

WPSeku is a black box WordPress vulnerability scanner.