Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.
Features
All that are already marked, are already on wprecon. But since they are not, it is for the reason that they are still in development.
- Detection WAF (Passive & Aggressive)
- Random User Agent
- Tor Proxy
- Enumerator (Users, Plugins & Themes)
- Enumerator Version (Plugins, Themes & WordPress)
- Brute Force (xml-rpc & wp-login)
- Scripts
- Vulnerability Version Checking (Plugins) (Beta)
Build
For you to compile wprecon you will need to have the golang compiler installed. And for that you will access the official website of golang and will download and install it. Here!
Once downloaded and installed you will download wprecon directly from github with the command:
go get github.com/blackbinn/wprecon;
cd $(go env GOPATH)/src/github.com/blackbinn/wprecon;
make build.
WPrecon running
wprecon --help

wprecon fuzz --help

wprecon -u https://xxxx.com/ --agressive-mode --random-agent

wprecon (this link opens in a new window) by blackbinn (this link opens in a new window)
WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, developed in Go and with scripts in Lua.