Skip to content

Latest commit

 

History

History
38 lines (32 loc) · 2.26 KB

README.md

File metadata and controls

38 lines (32 loc) · 2.26 KB

wp_ninja

This a simple tool to fully scan your WordPress site (themes, plugins, configurations...).

What benefits do I can get by using it?

  • Full Plugins and Themes scan which prides you with links to potential vulnerabilities in it (from WPScan).
  • Full xmlrpc exploits check.
  • Users enumeration.
  • Users extraction from REST-API.
  • Setting your own User-Agent.
  • Setting your own Cookie.
  • Setting your own HTTP proxy.
  • Setting xmlrpc's path.
  • Configurable Timeout.
  • Disabling any undesirable scans.

Installing:

pip install -r requirements.txt
If you are on linux run it as root (to automatically install NodeJS):
sudo pip install -r requirements.txt

Usage examples:

python wp_ninja.py -h
python wp_ninja.py -u http://www.example.com
python wp_ninja.py -u http://www.example.com -t 14 -ua "user agent string" -c "cookie string" -p "127.0.0.1:8080" -x /xmlrpc.php
python wp_ninja.py -d general -d xmlrpc -u http://www.example.com

Note:


If you are using Windows OS, please install NodeJS on your computer.