Tech News - HakTechs

Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go

Wprecon - A Vulnerability Recognition Tool In CMS Wordpress, 100% Developed In Go

Hi there! Welcome. Wprecon (WordPress Recon), is a vulnerability recognition software in CMS WordPress, 100% formulated in Go.

Discover:

Why is the venture out of updates these times ?! What comes about is that I am doing the vulnerability scanner.

Branch Dev

Compile and Set up

Attributes

  • Random Agent
  • Detection WAF
  • Person Enumerator
  • Plugin Scanner
  • Theme Scanner
  • Tor Proxy’s
  • Detection Honeypot
  • Fuzzing Backup Documents

Usage

Flag(s) Description
-u, –url string Target URL (Ex: http(s)://instance.com/). (Expected)
–buyers-enumerate Use the equipped method to enumerate Customers.
–themes-enumerate Use the equipped mode to enumerate Themes.
–plugins-enumerate Use the provided manner to enumerate Plugins.
–detection-waf I will check out to detect if the focus on is applying any WAF.
–detection-honeypot I will attempt to detect if the focus on is a honeypot, dependent on the shodan.
–no-check out-wp Will skip wordpress examine on concentrate on.
–random-agent Use randomly chosen HTTP(S) Person-Agent header benefit.
–tor Use Tor anonymity network.
–disable-tls-checks Disables SSL/TLS certificate verification.
-h, –help aid for wprecon.
-v, –verbose Verbosity manner.

WPrecon jogging

Command: wprecon --url "https://www.xxxxxxx.com/" --detection-waf

Output: 

—————————————————————————————————————————————————————————————————————

___       ______________________________________________   __
__ |     / /__  __ __  __ __  ____/_  ____/_  __ __  | / /
__ | /| / /__  /_/ /_  /_/ /_  __/  _  /    _  / / /_   |/ /
__ |/ |/ / _  ____/_  _, _/_  /___  / /___  / /_/ /_  /|  /
____/|__/  /_/     /_/ |_| /_____/  ____/  ____/ /_/ |_/

Github: https://github.com/blackcrw/wprecon
Version: ..1a
————————————————————————————————————————————————————————————————————
[•] Target: https://www.xxxxxxx.com/
[•] Beginning: 09/jan/2020 12:11:17

[•] Listing permit: https://www.xxxxxxx.com/wp-content/plugins/
[•] Listing empower: https://www.xxxxxxx.com/wp-articles/themes/
[•••] Status Code: 200 — URL: https://www.xxxxxxx.com/wp-admin/
[•••] I'm not totally confident that this concentrate on is working with wordpress! 37.50% chance. do you want to carry on ? [Y/n]: Y
[•••] Status Code: 200 — WAF: Wordfence Safety Detected
[•••] Do you desire to contin   ue ?! [Y/n] : Y

Picture and Article Source url

Read Additional on Pentesting Equipment

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *