WPrecon (WordPress Recon)
Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.
Features
Status | Features |
---|---|
✅ | Random Agent |
✅ | Detection WAF |
✅ | User Enumerator |
✅ | Plugin Scanner |
✅ | Theme Scanner |
✅ | Tor Proxy’s |
✅ | Detection Honeypot |
❌ | Vulnerability Scanner |
❌ | Admin Finder |
Use
Flag(s) | Description |
---|---|
-u, –url string | Target URL (Ex: http(s)://example.com/). (Required) |
–users-enumerate | Use the supplied mode to enumerate Users. |
–themes-enumerate | Use the supplied mode to enumerate Themes. |
–plugins-enumerate | Use the supplied mode to enumerate Plugins. |
–detection-waf | I will try to detect if the target is using any WAF. |
–detection-honeypot | I will try to detect if the target is a honeypot, based on the shodan. |
–no-check-wp | Will skip wordpress check on target. |
–random-agent | Use randomly selected HTTP(S) User-Agent header value. |
–tor | Use the Tor anonymity network. |
–disable-tls-checks | Disables SSL/TLS certificate verification. |
-h, –help | help for wprecon. |
-v, –verbose | Verbosity mode. |
Leave a Reply