WPScan

LSE top 100LSE top 100WPScan (11)WPScan (11)

Tool and Usage

WPScan is a security tool to perform black box WordPress vulnerability scans, including enumeration of used plugins

Screenshot for WPScan tool review

Why this tool?

WPScan can scan WordPress installations and determine if there are vulnerabilities in a particular installation.

Additional information

While the code is available and the tool can be freely used, there are limitations when using this software commercially. The tool does not have to be installed, as it can also be used as part of a Docker image.

Usage and audience

WPScan is commonly used during penetration test, security assessment, or vulnerability scanning. Target users for this tool are pentesters, security professionals, and system administrators.

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Software usage is restricted (e.g. commercially)

Author and Maintainers

WPScan is under development by Ryan Dewhurst. This project is currently maintained by Christian Mehlmauer, Erwan LR, Peter van der Laan.

Installation

Support operating systems

WPScan is known to work on Linux.

WPScan alternatives

Several alternative tools are available for WPScan that might be a good replacement.

64

Vane

Vane is a forked project of the now non-free popular WordPress vulnerability scanner WPScan.

Best alternative [100]
76

WPSeku

WPSeku is a WordPress vulnerability scanner that can be used to scan remote WordPress installations.

More alternative tools for WPScan

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.9.3 [2017-07-19]
License(s)Multi-license
Last updatedSept. 17, 2017

Project health

100
This score is calculated by different factors, like project age, last release date, etc.

Links

GitHub iconWPScan GitHub project page
Twitter icon@_WPScan_
 WPScan project website
 WPScan vulnerability database

Compare WPScan with other tools

Related terms