Tool and Usage
WPForce is a suite of tools to attack Wordpress installations. One part focuses on brute forcing logins, the other to upload a shell upon finding credentials.
This toolkit is fairly new and consists of WPForce and Yertle. As the name implies, the first component has the focus on brute force attacking of login credentials. When admin credentials have been found, it is Yertle that allows uploading a shell. Yertle also has post-exploitation modules for further research.
Usage and audience
WPForce is commonly used for penetration testing, security assessment, or vulnerability scanning. Target users for this tool are pentesters and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - Full name of author is unknown
Supported operating systems
WPForce is known to work on Linux.