Skip to content

yahmed-66/WPQuickCheck

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
README.md
README.md
 
 
license.txt
license.txt
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

WPQuickCheck - quick WordPress enumeration

A quick scanner that checks common misconfigurations for WordPress and screenshots them for use in pentesting reports.

View the blog writeup here.

Quick start:

Make sure you have GoWitness instaled

git clone https://github.com/yahmed-66/WPQuickCheck
cd WPQuickCheck
pip3 install -r requirements.txt
python3 main.py <URL> ~/Desktop

Features

WP Quickcheck scans for the following items and outputs it to a directory of your choosing (defaults to ~):

  • /wp-admin
  • /wp-login.php
  • /wp-includes.php
  • /wp-json
    • /wp/v2/users
  • /wp-config.php
  • /wp-content
    • /themes
    • /plugins
    • /uploads
  • /license.txt
  • /readme.html
  • User ID enumeration (/?author=1)
  • xmlrpc.php and pingback SSRF

Please make a pull request if you would like to add more features

Disclaimers

This tool is designed for authorized security testing only. Unauthorized access to computer systems is illegal and punishable by law.

WPQuickCheck is released under the MIT License.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages