Showing posts with label hackertarget. Show all posts
Showing posts with label hackertarget. Show all posts

Sunday, March 22, 2015

Best / Open Source Wordpress Vulnerability Scanner

WPScan :

                 is a black box WordPress vulnerability scanner.


WPScan comes pre-installed on the following Linux distributions:
Prerequisites:
  • Ruby >= 1.9.2 - Recommended: 2.2.1
  • Curl >= 7.21 - Recommended: latest - FYI the 7.29 has a segfault
  • RubyGems - Recommended: latest
  • Git
 Download Link : https://github.com/wpscanteam/wpscan

Flunym0us :

                   is a Vulnerability Scanner for Wordpress and Moodle.





                 Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for Wordpress and other for Moodle.


Flunym0us requires python.

Arguments allowed:
-h, --help: Show this help message and exit
-wp, --wordpress: Scan WordPress site
-mo, --moodle: Scan Moodle site
-H HOST, --host HOST: Website to be scanned

Download Link : https://code.google.com/p/flunym0us/downloads/list

 Timthumb :

                Vulnerability Scanner plugin will scan your entire wp-content directory for instances of any outdated and insecure version of the timthumb script, and give you the option to automatically upgrade them with a single click. Doing so will protect you from hackers looking to exploit this particular vulnerability.

            Scans your wp-content directory for vulnerable instances of timthumb.php, and optionally upgrades them to a safe version.


Download Link : https://downloads.wordpress.org/plugin/timthumb-vulnerability-scanner.zip

 Vane :

          is a GPL fork of the now non-free popular WordPress vulnerability scanner WPScan.




Prerequisites

  • Windows not supported
  • Ruby => 1.9
  • RubyGems
  • Git
Download Link : https://github.com/delvelabs/vane


WordPress Security Scan

                           Online WordPress Security Scanner to test vulnerabilities of a WordPress installation. Checks include application security, WordPress plugins, hosting environment and web server.

Online URL : http://hackertarget.com/wordpress-security-scan/