Browsing tag

audit WordPress plugins

WPSploit – WordPress Plugin Code Scanner – Kali Linux 2017.3

WPSploit is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. It checks for: Cross-Site Scripting (XSS), SQL Injection, File Download, File Inclusion, File Manipulation, Command Execution, PHP Code Execution, Authorisation, Open Redirect, Cross-Site Request Forgery (CSRF), SSL/TLS Usage.

$ git clone https://github.com/m4ll0k/wpsploit.git
$ cd wpsploit
[…]

WPSploit – WordPress Plugin Code Scanner

This tool is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins.

Usage

$ git clone https://github.com/m4ll0k/wpsploit.git
$ cd wpsploit
$ python wpsploit.py plugin_file.php

or

$ wget https://raw.githubusercontent.com/m4ll0k/wp_sploit/master/wpsploit.py
$ python wpsploit.py plugin_file.php

Example

$ wget https://plugins.svn.wordpress.org/analytics-for-woocommerce-by-customerio/trunk/admin/class-wccustomerio-admin.php
$ python wpsploit.py class-wccustomerio-admin.php

Download […]