Giter VIP home page Giter VIP logo

wprecon's Introduction

Golpher Ninja by Takuya Ueda

WPrecon (Wordpress Recon)

License: GPL v3 GitHub commit activity GitHub go.mod Go version (branch)

Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.

Version: 0.1.3.0a

Notice:

Why is the project out of updates these days ?! What happens is that I am doing the vulnerability scanner.

Branch Dev

Compile and Install

Features

Status Features
Random Agent
Detection WAF
User Enumerator
Plugin Scanner
Theme Scanner
Tor Proxy's
Detection Honeypot
Fuzzing Backup Files
🔨 Fuzzing Passwords
🔨 Vulnerability Scanner

Usage

Flag(s) Description
-u, --url string Target URL (Ex: http(s)://example.com/). (Required)
--users-enumerate Use the supplied mode to enumerate Users.
--themes-enumerate Use the supplied mode to enumerate Themes.
--plugins-enumerate Use the supplied mode to enumerate Plugins.
--detection-waf I will try to detect if the target is using any WAF.
--detection-honeypot I will try to detect if the target is a honeypot, based on the shodan.
--no-check-wp Will skip wordpress check on target.
--random-agent Use randomly selected HTTP(S) User-Agent header value.
--tor Use Tor anonymity network.
--disable-tls-checks Disables SSL/TLS certificate verification.
-h, --help help for wprecon.
-v, --verbose Verbosity mode.

WPrecon running

Command: wprecon --url "https://www.xxxxxxx.com/" --detection-waf

Output:
—————————————————————————————————————————————————————————————————————

___       ______________________________________________   __
__ |     / /__  __ \__  __ \__  ____/_  ____/_  __ \__  | / /
__ | /| / /__  /_/ /_  /_/ /_  __/  _  /    _  / / /_   |/ /
__ |/ |/ / _  ____/_  _, _/_  /___  / /___  / /_/ /_  /|  /
____/|__/  /_/     /_/ |_| /_____/  \____/  \____/ /_/ |_/

Github: https://github.com/blackcrw/wprecon
Version: 0.0.1a
—————————————————————————————————————————————————————————————————————
[•] Target: https://www.xxxxxxx.com/
[•] Starting: 09/jan/2020 12:11:17

[•] Listing enable: https://www.xxxxxxx.com/wp-content/plugins/
[•] Listing enable: https://www.xxxxxxx.com/wp-content/themes/
[•••] Status Code: 200 — URL: https://www.xxxxxxx.com/wp-admin/
[•••] I'm not absolutely sure that this target is using wordpress! 37.50% chance. do you wish to continue ? [Y/n]: Y
[•••] Status Code: 200 — WAF: Wordfence Security Detected
[•••] Do you wish to continue ?! [Y/n] : Y

Yes Baby, Thank You! ✋

wprecon's People

Contributors

sysrtx avatar devtraleski avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.