WPrecon Vulnerability Recognition Tool for WordPress
WPrecon Vulnerability Recognition Tool for WordPress

WPrecon: Vulnerability Recognition Tool for WordPress

Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.

Warning

I recently found out that my tool has the same name as a website … which has the same “subject” as my tool. But I already warn you that this wprecon that you see on github has nothing to do with this site. I don’t have a website yet!

Features

All that are already marked, are already on wprecon. But since they are not, it is for the reason that they are still in development.

  • Detection WAF (Passive & Aggressive)
  • Random User Agent
  • Tor Proxy
  • Enumerator (Users, Plugins & Themes)
  • Enumerator Version (Plugins, Themes & WordPress)
  • Brute Force (xml-rpc & wp-login)
  • Scripts
  • Vulnerability Version Checking (Plugins) (Beta)

Build

For you to compile wprecon you will need to have the golang compiler installed. And for that you will access the official website of golang and will download and install it. Here!

Once downloaded and installed you will download wprecon directly from github with the command:

go get github.com/blackbinn/wprecon;
cd $(go env GOPATH)/src/github.com/blackbinn/wprecon;
make build.

WPrecon running

wprecon --help
Help command WPrecon
Help command WPrecon
wprecon fuzz --help
fuzz subcommand WPrecon
fuzz subcommand WPrecon
wprecon -u https://xxxx.com/ --agressive-mode --random-agent
Search for WordPress vulnerabilities
Search for WordPress vulnerabilities
Dark Mode

wprecon (this link opens in a new window) by blackbinn (this link opens in a new window)

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, developed in Go and with scripts in Lua.