WPSploit – WordPress Plugin Code Scanner – Kali Linux 2017.3
WPSploit is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. It checks for: Cross-Site Scripting (XSS) SQL Injection File Download File Inclusion File Manipulation Command Execution PHP Code Execution Authorisation Open Redirect Cross-Site Request Forgery (CSRF) SSL/TLS Usage $ git clone https://github.com/m4ll0k/wpsploit.git $ cd wpsploit […]