WPrecon: Vulnerability Recognition Tool for WordPress
Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.
I recently found out that my tool has the same name as a website … which has the same “subject” as my tool. But I already warn you that this wprecon that you see on github has nothing to do with this site. I don’t have a website yet!
All that are already marked, are already on wprecon. But since they are not, it is for the reason that they are still in development.
Detection WAF (Passive & Aggressive)
Random User Agent
Enumerator (Users, Plugins & Themes)
Enumerator Version (Plugins, Themes & WordPress)
Brute Force (xml-rpc & wp-login)
Vulnerability Version Checking (Plugins) (Beta)
For you to compile wprecon you will need to have the golang compiler installed. And for that you will access the official website of golang and will download and install it. Here!
Once downloaded and installed you will download wprecon directly from github with the command:
go get github.com/blackbinn/wprecon;
cd $(go env GOPATH)/src/github.com/blackbinn/wprecon;