Tool and Usage
|Latest release||0.70.0 |
Why this tool?
WordPress is a popular choice among content management systems (CMS). Powering many websites and blogs, it is also a popular target. So regular updates and security testing can help to reduce the risk. WordStress can help with this testing.
How it works
Most security scanners perform a black-box approach and perform different types of test. This approach may result in false positives, as not everything can be properly validated. This can be consuming time and resources for both the security researcher and the one who maintains the installation. Wordstress takes another approach by doing a white-box scan. This means you will need to have full access to the WordPress installation, with the big benefit of getting more in-depth scans.
Usage and audience
Wordstress is commonly used for application security, vulnerability scanning, or web application analysis. Target users for this tool are developers, pentesters, security professionals, and system administrators.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Supported operating systems
Wordstress is known to work on Linux.
Similar tools to Wordstress:
The WordPress Exploit Framework (WPXF) is a framework written in Ruby. As the name implies, it aids in pentesting WordPress installations.
Web Application Security Scanner aimed towards helping users evaluate the security of web applications
CMSeeK is a security scanner for content management systems (CMS) and used for security assessments. Read how it works in this review.
Found an improvement? Help the community by submitting an update.