Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go
Hi there! Welcome. Wprecon (WordPress Recon), is a vulnerability recognition software in CMS WordPress, 100% formulated in Go.
Discover:
Why is the venture out of updates these times ?! What comes about is that I am doing the vulnerability scanner.
Attributes
- Random Agent
- Detection WAF
- Person Enumerator
- Plugin Scanner
- Theme Scanner
- Tor Proxy’s
- Detection Honeypot
- Fuzzing Backup Documents
Usage
| Flag(s) | Description |
|---|---|
| -u, –url string | Target URL (Ex: http(s)://instance.com/). (Expected) |
| –buyers-enumerate | Use the equipped method to enumerate Customers. |
| –themes-enumerate | Use the equipped mode to enumerate Themes. |
| –plugins-enumerate | Use the provided manner to enumerate Plugins. |
| –detection-waf | I will check out to detect if the focus on is applying any WAF. |
| –detection-honeypot | I will attempt to detect if the focus on is a honeypot, dependent on the shodan. |
| –no-check out-wp | Will skip wordpress examine on concentrate on. |
| –random-agent | Use randomly chosen HTTP(S) Person-Agent header benefit. |
| –tor | Use Tor anonymity network. |
| –disable-tls-checks | Disables SSL/TLS certificate verification. |
| -h, –help | aid for wprecon. |
| -v, –verbose | Verbosity manner. |
WPrecon jogging
Command: wprecon --url "https://www.xxxxxxx.com/" --detection-waf
Output:
—————————————————————————————————————————————————————————————————————
___ ______________________________________________ __
__ | / /__ __ __ __ __ ____/_ ____/_ __ __ | / /
__ | /| / /__ /_/ /_ /_/ /_ __/ _ / _ / / /_ |/ /
__ |/ |/ / _ ____/_ _, _/_ /___ / /___ / /_/ /_ /| /
____/|__/ /_/ /_/ |_| /_____/ ____/ ____/ /_/ |_/
Github: https://github.com/blackcrw/wprecon
Version: ..1a
————————————————————————————————————————————————————————————————————
[•] Target: https://www.xxxxxxx.com/
[•] Beginning: 09/jan/2020 12:11:17
[•] Listing permit: https://www.xxxxxxx.com/wp-content/plugins/
[•] Listing empower: https://www.xxxxxxx.com/wp-articles/themes/
[•••] Status Code: 200 — URL: https://www.xxxxxxx.com/wp-admin/
[•••] I'm not totally confident that this concentrate on is working with wordpress! 37.50% chance. do you want to carry on ? [Y/n]: Y
[•••] Status Code: 200 — WAF: Wordfence Safety Detected
[•••] Do you desire to contin ue ?! [Y/n] : Y
