Tool comparison of WordPress vulnerability scanners

Finding the right tool for the job can be difficult task. This sheet compares Vane, WPScan, WPSeku, Wordstress, wp_enum, and wpvulndb_cmd.

Tool comparison of Vane, WPScan, WPSeku, Wordstress, wp_enum, and wpvulndb_cmd
VaneWPScanWPSekuWordstresswp_enumwpvulndb_cmd
Description

Vane is a forked project of the now non-free popular WordPress vulnerability scanner WPScan.

WPScan is a security tool to perform black box WordPress vulnerability scans, including enumeration of used plugins

WPSeku is a WordPress vulnerability scanner that can be used to scan remote WordPress installations.

Wordstress is a security scanner for WordPress installations. It uses a white-box approach in scanning, which makes it different than most other scanners.

The wp_enum tool helps with the discovery of WordPress users and accounts.

wpvulndb_cmd is a command-line security tool to perform a vulnerability scan on WordPress installations. It uses WP-CLI and the WPScan vulnerability database.

Dependencies
Strenghts
  • More than 25 contributors
  • The source code of this software is available
  • More than 25 contributors
  • More than 2000 GitHub stars
  • The source code of this software is available
  • The source code of this software is available
  • The source code of this software is available
  • The source code of this software is available
Weaknesses
  • Software usage is restricted (e.g. commercially)
  • Unknown project license
Programming language(s)

Ruby

Ruby

Python

Ruby

Python

Python

Last release

Unknown

3.8.18 (2021-06-08)

0.2 (2017-05-25)

0.70.0 (2016-01-27)

No version (2017-03-05)

Unknown

Tool page (last updated)

2021-05-08

2021-06-08

2021-05-08

2021-05-08

2021-05-08

2021-05-08

Tool score

64

100

52

60

40

64

Download

Download

Download

Download

Download

No link available

Download

More information