WordPress fingerprinting tools
Introduction
Good fingerprinting tools need to be part of your toolbox, especially if you perform regular security analysis. This category of tools specifically targets WordPress installations, even though some can be used for others as well.
Usage
WordPress fingerprinting tools are typically used for application discovery, application fingerprinting, application testing, web application analysis.
Users for these tools include pentesters and security professionals.
Tools
Popular WordPress fingerprinting tools
Plecost (WordPress fingerprinting)
web application analysis
Plecost is a security tool to fingerprint WordPress installations and find available vulnerabilities.
WPScan (WordPress vulnerability scanner)
penetration testing, security assessment, vulnerability scanning
WPScan can scan WordPress installations and determine if there are vulnerabilities in a particular installation.
WordPress Exploit Framework (WordPress exploiting toolkit)
penetration testing, security assessment, vulnerability scanning, web application analysis
The WordPress Exploit Framework (WPXF) provides a set of tools to assess and exploit WordPress installations. It can be used for pentesting and red teaming assignments. The tool is less friendly for beginners, but more experienced pentesters will find no difficulty in using it.
wp_enum (user enumeration)
penetration testing, security assessment, vulnerability scanning
This utility scans for the available identities on a WordPress installation.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.