Web Application

WPScan1.1 Released – WordPress Security Scanner

WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.  
[singlepic id=59 w=320 h=240 float=]

  • Detection for 750 more plugins.
  • Detection for 107 new plugin vulnerabilities.
  • Detection for 447 possible timthumb file locations.
  • Advanced version fingerprinting implemented.
  • Full Path Disclosure (FPD) checks.
  • Auto updates.
  • Progress indicators.
  • Improved custom 404 checking.
  • Improved plugin detection.
  • Improved error_log checking.
  • Lots of bugs fixed. Lots of small tweaks.
WPScan, you can checkout WPScan 1.1 by issuing the following command:

svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan-1.1

WPScan can also be found pre-installed in Backtrack5 R1 in the ‘/pentest/web/wpscan’ directory and will soon be available in SamuraiWTF.
Video Demo of WPScan
WPScan in action

WordPress Password Brute Forcer


For more updates about the development of WPScan, Release.
Check the developer’s Webiste: http://www.ethicalhack3r.co.uk/

Post Comment