Wprecon, is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.

Overview

Golpher Ninja by Takuya Ueda

WPrecon (Wordpress Recon)

GitHub commit activity GitHub go.mod Go version (branch)

Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.

FeaturesCompile & InstallLicenseAuthor

Version: 1.4.0a

Warning

I recently found out that my tool has the same name as a website ... which has the same "subject" as my tool. But I already warn you that this wprecon that you see on github has nothing to do with this site. I don't have a website yet!

Features & Tasks List

All that are already marked, are already on wprecon. But since they are not, it is for the reason that they are still in development.

  • Detection WAF
  • Fuzzing Backup Files
  • Fuzzing Passwords (xml-rpc)
  • Fuzzing Passwords (wp-login)
  • Random User Agent
  • Plugin(s) Enumerator
  • Theme(s) Enumerator
  • Scripts
  • Tor Proxy
  • User(s) Enumerator
  • Vulnerability Version Checking (Plugins) (Beta)

—————————————————— Task List ——————————————————

  • 🔨 — More Scripts Web Exploits
  • More Vulnerabilities (Plugins)
  • Vulnerability Version Checking (Theme)

WPrecon running

$ wprecon --help wprecon --help

$ wprecon fuzz --help wprecon fuzz --help

$ wprecon -u https://xxxx.com/ --agressive-mode --tor --random-agent wprecon -u https://xxxx.com/ --agressive-mode --tor --random-gent

Comments
  • Segmentation violation

    Segmentation violation

    Hi, i was using wprecon to help me throught a pentest, but suddently wprecon stop OS: ArchLinux Used Command : wprecon --url url --force --aggressive-mode --detection-waf --random-agent After a few minutes of scan wprecon prints me : "Get url/v1/api/vulnerable/plugins/elementor/5.11.0: dial tcp IP connect: connection timed out" "panic: runtime error: invalid memory address or nil pointer dereference" "[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xc5852f] and a stack trace !

    Can you help me on that ?

    opened by RJSOG 2
  • Not Works

    Not Works

    Hi, I try to use this app, but can't work for me run it by following command go run main -u [My URL] after several second got this message [!] I'm not absolutely sure that this target is using wordpress! 37.50% chance. do you wish to continue ? [Y/n]: then i enter Y but app closed!

    I use go version go1.15.6 linux/amd64 on Pop!_OS 20.10

    help wanted 
    opened by mthri 1
  • WPRecon v2

    WPRecon v2

    WPRecon (Wordpress Recon)

    WPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.
    
    • Version 1.v had a lot of bugs, mainly due to the structuring of go packages and codes.

    • Version 2.v is focused on improving all aspects of wprecon such as appearance, performance, displayed information, multithreading and many other things.

    • For now the project is still in its alpha/beta version.

    wprecon -u https://xxxx.com/ --agressive-mode --random-gent

    enhancement update 
    opened by blackcrw 0
  • 🚀🔨update 1.4.0a

    🚀🔨update 1.4.0a

    • Command: --wp-content-dir
    • Web Application Firewall detection passive/active mode
    • More famous firewalls for our aggressive firewall detection list
    • Fixed bugs
    • Performance improvements
    invalid 
    opened by blackcrw 0
  • 🚀🔨 update 1.3.0a Dev

    🚀🔨 update 1.3.0a Dev

    Wow ... how long without updating right ?! But now there comes a wprecon with a new face ...

    • [x] Bugs fixed;
    • [x] New designer;
    • [x] More information;
    • [x] More speed;
    • [x] Fewer processes;
    • [x] Improvements in the list of plugins, themes and their versions.
    invalid 
    opened by blackcrw 0
  • 🚀🔨 Complete code refactoring.

    🚀🔨 Complete code refactoring.

    New:

    • Scripts in LUA :new_moon:
    • Vuln Scan (Beta)
    • Passive Mode User(s) Enumeration
    • Aggressive Mode User(s) Enumeration
    • Passive Mode Plugin(s) Enumeration
    • Aggressive Mode Plugin(s) Enumeration
    • Passive Mode Theme(s) Enumeration
    • Aggressive Mode Theme(s) Enumeration
    • Auto Finding Important File(s)

    Note:

    So far there may still be some visual bugs. If a bug occurs please report it, create an issue reporting your problem, when it occurred and the flags used. The plugin's vuln(s) database is not yet 100%.

    enhancement 
    opened by blackcrw 0
  • No install file

    No install file

    1.) go get is depracated

    2.) go install @latest will not work too: go: github.com/blackcrw/[email protected]: module github.com/blackcrw/[email protected] found (v0.0.0-20220404002433-502c47e263dc), but does not contain package github.com/blackcrw/wprecon

    opened by drgreenthumb93 1
Releases(2.4.5)
  • 2.4.5(Apr 6, 2022)

    WPRecon (Wordpress Recon) v2.4.5

    WPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.
    

    ⚡️ / 🎨 There was a big/small change in the code structure of the plugins/themes enumerator, in order to get better performance and to be able to more easily adapt future new features.

    Source code(tar.gz)
    Source code(zip)
  • 2.4.4(Mar 13, 2022)

    WPRecon (Wordpress Recon) v2.4.4

    WPRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.
    

    :recycle: Code refactoring 🌟 A start to Windows compatibility

    • [x] Full Changelog: https://github.com/blackcrw/wprecon/compare/v2.4.3...v2.4.4
    Source code(tar.gz)
    Source code(zip)
  • v2.4.2a(Jan 30, 2022)

  • v2.3.2(Dec 29, 2021)

Owner
blackbinn
blackbinn
Solver for wordle hard mode - achieves 5 attempts or less 100% of the time

wordier Solver for wordle hard mode - achieves 5 attempts or less 100% of the time Example - Spoiler ➜ wordier git:(master) ✗ go run main.go scamp ➜

Adam Smith 0 Jan 12, 2022
An application that is developed to generate application by API specification

GO boilerplate is an application that is developed to generate application by API specification and Database schema with the collaboration with opn-generator.

Rafi Mahmud 0 Oct 14, 2021
Developed Code for the Fulfillment of the technical task given by Appointy using Go

INSTAGRAM BACKEND API BY KUNAL KULKARNI Table of Contents About The Project Built With Getting Started Prerequisites Installation Usage License Contac

Kunal Kulkarni 1 Oct 10, 2021
Forklift: an API application developed with go that enables virtual server migration from vcenter virtualization environment to openstack environment

What is the Forklift? Forklift is an API application developed with go that enables virtual server migration from vcenter virtualization environment t

Ali 3 Jan 14, 2022
Fishfindr - An application that is being developed to help me figure out the best places to fish based on my catch history

fishfindr Fishfindr is an application that is being developed to help me figure out the best places to fish based on my catch history. The front-end p

Jake Correnti 2 Feb 10, 2022
The forgotten go tool that executes and caches binaries included in go.mod files.

The forgotten go tool that executes and caches binaries included in go.mod files. This makes it easy to version cli tools in your projects such as gol

Dustin Blackman 24 Sep 27, 2022
[TOOL, CLI] - Filter and examine Go type structures, interfaces and their transitive dependencies and relationships. Export structural types as TypeScript value object or bare type representations.

typex Examine Go types and their transitive dependencies. Export results as TypeScript value objects (or types) declaration. Installation go get -u gi

Daniel T. Gorski 154 Nov 2, 2022
A tool for design-by-contract in Go

gocontracts gocontracts is a tool for design-by-contract in Go. It generates pre- and post-condition checks from the function descriptions so that the

null 90 Nov 23, 2022
elPrep: a high-performance tool for analyzing sequence alignment/map files in sequencing pipelines.

Overview elPrep is a high-performance tool for analyzing .sam/.bam files (up to and including variant calling) in sequencing pipelines. The key advant

null 261 Nov 2, 2022
A command line tool to generate sequence diagrams

goseq - text based sequence diagrams A small command line utility used to generate UML sequence diagrams from a text-base definition file. Inspired by

Leon Mika 187 Oct 14, 2022
Stargather is fast GitHub repository stargazers information gathering tool

Stargather is fast GitHub repository stargazers information gathering tool that can scrapes: Organization, Location, Email, Twitter, Follow

dw1 55 Oct 19, 2022
Podman: A tool for managing OCI containers and pods

Podman: A tool for managing OCI containers and pods Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those

Containers 16.1k Nov 29, 2022
A tool that facilitates building OCI images

Buildah - a tool that facilitates building Open Container Initiative (OCI) container images The Buildah package provides a command line tool that can

Containers 5.8k Dec 1, 2022
A tool to run queries in defined frequency and expose the count as prometheus metrics.

A tool to run queries in defined frequency and expose the count as prometheus metrics. Supports MongoDB and SQL

S Santhosh Nagaraj 19 Jul 1, 2022
CodePlayground is a playground tool for go and rust language.

CodePlayground CodePlayground is a playground tool for go and rust language. Installation Use homebrews to install code-playground. brew tap trendyol/

Trendyol Open Source 47 Mar 5, 2022
Squizit is a simple tool, that aim to help you get the grade you want, not the one you have learnt for.

Squizit is a simple tool, that aim to help you get the grade you want, not the one you have learnt for. Screenshots First, input PIN Then enjoy! Hoste

cyan 11 Mar 11, 2022
A tool suite for Redis profiling

Insecticide Insecticide is a tool suite for Redis profiling. It finds ambiguous values in your redis configuration.

Сити-Мобил 8 Dec 13, 2021
Go package for dealing with Mantis Bug Tracking tool

BlueMantis is a Go package in development that aim to make the process of sending issues and bugs in Go applications to the Open Source Bug Tracking software MantisBT.

Gustavo H. M. Silva 6 Aug 3, 2021
Scaffolding tool for golang based services

Scaffolding tool for golang based services

Praveen Penumaka 2 Mar 6, 2022