This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Wordpress Vulnerability Scanner Project"
(→Road Map) |
(→Road Map) |
||
| (11 intermediate revisions by 3 users not shown) | |||
| Line 6: | Line 6: | ||
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | ||
| − | ==OWASP Wordpress Scanner Project== | + | ==OWASP Wordpress Vulnerability Scanner Project== |
A Wordpress Scanner written in PHP, focus on vulnerability assessment and security audit of misconfiguration in the Wordpress installation. Wordpress Scanner is capable of finding the flaw in the Wordpress installation and will provide all the information regarding the vulnerability. Wordpress Scanner is not a tool for code auditing, it performs "black box" scanning for the Wordpress powered web application. | A Wordpress Scanner written in PHP, focus on vulnerability assessment and security audit of misconfiguration in the Wordpress installation. Wordpress Scanner is capable of finding the flaw in the Wordpress installation and will provide all the information regarding the vulnerability. Wordpress Scanner is not a tool for code auditing, it performs "black box" scanning for the Wordpress powered web application. | ||
| + | |||
| + | The basic security check will review a WordPress installation for common security related mis-configurations. Testing with the basic check option uses regular web requests. The system downloads a handful of pages from the target site, then performs analysis on the resulting html source. | ||
| + | |||
| + | The more aggressive enumeration option attempts to find all plugins / themes that are being used on the WordPress installation and can attempt to enumerate users of the site. These tests will generate HTTP 404 errors in the web server logs of the target site. If you test all plugins, be warned that this will generate more than 18000 log entries and potentially triggered intrusion prevention measures. | ||
| + | |||
| + | Aggressively discover the WordPress plugins and themes installed on a site. Utilizes a database of over 18000 plugins and 2600 themes during testing. Fingerprint the version of the discovered plugins and themes. This version can be compared against latest releases and known security vulnerabilities. | ||
==Current Features== | ==Current Features== | ||
| Line 20: | Line 26: | ||
* Enumerate Themes | * Enumerate Themes | ||
* Enumerate Users | * Enumerate Users | ||
| + | * Password auditing | ||
| valign="top" style="padding-left:25px;width:200px;" | | | valign="top" style="padding-left:25px;width:200px;" | | ||
== Quick Download == | == Quick Download == | ||
| − | *Latest Release @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/releases | + | *Latest Release @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/releases Stable Release] |
| − | *Source Code @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/ | + | *Source Code @ [https://github.com/RamadhanAmizudin/Wordpress-scanner/ Github] |
== Project Leader == | == Project Leader == | ||
| Line 59: | Line 66: | ||
*Download from repo: <tt>git clone https://github.com/RamadhanAmizudin/Wordpress-scanner.git</tt> | *Download from repo: <tt>git clone https://github.com/RamadhanAmizudin/Wordpress-scanner.git</tt> | ||
| − | * | + | *And run <tt>php app.php -h</tt> |
= Acknowledgements = | = Acknowledgements = | ||
==Contributors== | ==Contributors== | ||
*[https://github.com/mokhdzanifaeq/ Mokhdzani Faeq] - Multi-thread support for plugin enumeration. | *[https://github.com/mokhdzanifaeq/ Mokhdzani Faeq] - Multi-thread support for plugin enumeration. | ||
| + | *[https://github.com/d0lph1n98 Fakhri Zulkifli] | ||
*[https://github.com/nawawi Nawawi Jamili] - Code Enhancement. | *[https://github.com/nawawi Nawawi Jamili] - Code Enhancement. | ||
*Big thanks to WPScan.org team for providing plugin/theme/version vulnerability database - WPScan.org | *Big thanks to WPScan.org team for providing plugin/theme/version vulnerability database - WPScan.org | ||
| Line 71: | Line 79: | ||
As of now, the priorities are: | As of now, the priorities are: | ||
*Rewrite code to be more modular | *Rewrite code to be more modular | ||
| − | |||
*Unit Tests | *Unit Tests | ||
| − | |||
*Add Web UI | *Add Web UI | ||
| − | |||
*Add custom wordpress directory(wp-content and wp-plugin) | *Add custom wordpress directory(wp-content and wp-plugin) | ||
*Add support for static user agent(currently random) | *Add support for static user agent(currently random) | ||
Latest revision as of 04:02, 9 December 2015
OWASP Wordpress Vulnerability Scanner ProjectA Wordpress Scanner written in PHP, focus on vulnerability assessment and security audit of misconfiguration in the Wordpress installation. Wordpress Scanner is capable of finding the flaw in the Wordpress installation and will provide all the information regarding the vulnerability. Wordpress Scanner is not a tool for code auditing, it performs "black box" scanning for the Wordpress powered web application. The basic security check will review a WordPress installation for common security related mis-configurations. Testing with the basic check option uses regular web requests. The system downloads a handful of pages from the target site, then performs analysis on the resulting html source. The more aggressive enumeration option attempts to find all plugins / themes that are being used on the WordPress installation and can attempt to enumerate users of the site. These tests will generate HTTP 404 errors in the web server logs of the target site. If you test all plugins, be warned that this will generate more than 18000 log entries and potentially triggered intrusion prevention measures. Aggressively discover the WordPress plugins and themes installed on a site. Utilizes a database of over 18000 plugins and 2600 themes during testing. Fingerprint the version of the discovered plugins and themes. This version can be compared against latest releases and known security vulnerabilities. Current FeaturesThe following features are currently available.
|
Quick Download
Project LeaderContact Us
LicensingOWASP Wordpress Scanner is free software: you can redistribute it and/or modify it under the terms of the MIT License. Classifications
| |||
Requirement
- PHP >= 5.3
- PHP cURL Extension
- PHP JSON Extension
- PHP OpenSSL Extension (HTTPS Support)
Installation
- Download from repo: git clone https://github.com/RamadhanAmizudin/Wordpress-scanner.git
- And run php app.php -h
Contributors
- Mokhdzani Faeq - Multi-thread support for plugin enumeration.
- Fakhri Zulkifli
- Nawawi Jamili - Code Enhancement.
- Big thanks to WPScan.org team for providing plugin/theme/version vulnerability database - WPScan.org
Road Map
As of now, the priorities are:
- Rewrite code to be more modular
- Unit Tests
- Add Web UI
- Add custom wordpress directory(wp-content and wp-plugin)
- Add support for static user agent(currently random)
- Vulnerability Database (currently using https://wpvulndb.com)
