Michele Manzotti

Wednesday February 22nd 2012

Wpmap

Today 17 March in Italy is national holiday so I have spent my spare time to write a little tool: wpmap.py

As you can image, wpmap is a tool to discover the most installed plugins on WordPress platform. It could be useful when during a penetration testing you have time to download the plugin source code and find some issues.

Menu:

$ python wpmap.py 
Simple Wordpress scanner to enumerate installed plugins   by Michele `m7x` Manzotti
Version 1.0   Plugins: 104   EDB-ID: 2011-01-08
Usage: wpmap.py --site <target>
 
Options:
  -h, --help            show this help message and exit
  -s SITE, --site=SITE  Wordpress site
  -d DIRECTORY, --directoy=DIRECTORY
                        Subdirectory Wordpress site
  -e, --exploit         Show exploit-db ID [default: False]
  -v, --verbose         Verbose mode[default: False]

Some screenshots:

with “-e” option:

Download:

svn co https://wpmap.svn.sourceforge.net/svnroot/wpmap wpmap

Happy hacking :-)

Related Tags: tool, wordpress, wpmap

Previous Topic: Tutorial write an exploit part 3 SEH

Next Topic: Fake AP in 2 seconds

Twitter

Evading .NET and Browser XSS Protection with Attribute Based XSS http://t.co/CgeKjn5m 10:32:23 PM febbraio 19, 2012 da web Rispondi Retweet Preferiti
e' preoccupato perche' nella lavatrice ha messo panni scuri e chiari insieme :S 10:29:45 AM febbraio 19, 2012 da web Rispondi Retweet Preferiti
Windows Pwn 7 Oem, Alex Plaskett - 44Con http://t.co/AHhqmf15 Amazing! 10:42:16 PM febbraio 18, 2012 da web Rispondi Retweet Preferiti
Espresso da #CostaCoffee... le piccole gioie della vita! 11:02:56 AM febbraio 18, 2012 da web Rispondi Retweet Preferiti
Attacking the RDP clients http://t.co/WlZ9rPco 10:36:42 PM febbraio 16, 2012 da web Rispondi Retweet Preferiti

@michelemanzotti

Michele Manzotti

Wpmap

Leave a Comment

More Topics

Categories

Twitter

Latest Topics