WPSploit – WordPress Plugin Code Scanner – Kali Linux 2017.3

WPSploit is intended for penetration testers who audit WordPress plugins and for developers who wish to audit their own WordPress plugins.

It checks for:

Cross-Site Scripting (XSS)
SQL Injection
File Download
File Inclusion
File Manipulation
Command Execution
PHP Code Execution
Authorisation
Open Redirect
Cross-Site Request Forgery (CSRF)
SSL/TLS
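
To show what a source-level check for a few of these categories can look like, here is an added example (not WPSploit's code or rule set, and not from the original page). The rule patterns, the `scan` function and the sample plugin source are constructed assumptions for illustration.

```python
import re

# Request-controlled PHP superglobals, treated here as untrusted input.
SRC = r"\$_(?:GET|POST|REQUEST|COOKIE)\b"

# (category, sink pattern, pattern that suppresses the finding or None).
# Assumed, simplified rules; category names follow the list above.
RULES = [
    ("Cross-Site Scripting (XSS)", rf"\b(?:echo|print)\b.*{SRC}",
     r"\b(?:esc_(?:html|attr|url|js)|wp_kses\w*|intval|absint)\s*\("),
    ("SQL Injection", rf"\$wpdb->(?:query|get_results|get_row|get_var)\s*\(.*{SRC}",
     r"->prepare\s*\("),
    ("File Inclusion", rf"\b(?:include|require)(?:_once)?\b.*{SRC}", None),
    ("Command Execution", rf"\b(?:system|exec|passthru|shell_exec|popen)\s*\(.*{SRC}",
     r"\bescapeshell(?:arg|cmd)\s*\("),
    ("Open Redirect", rf"\bwp_redirect\s*\(.*{SRC}", None),
]
COMPILED = [(c, re.compile(s), re.compile(ok) if ok else None) for c, s, ok in RULES]

def scan(php_source):
    """Return (line number, category, code) for each unsanitized source-to-sink line."""
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        code = line.strip()
        if code.startswith(("//", "#", "*", "/*")):  # skip comment lines
            continue
        for category, sink, sanitizer in COMPILED:
            if sink.search(code) and not (sanitizer and sanitizer.search(code)):
                findings.append((lineno, category, code))
    return findings

# Constructed plugin source: each risky line is followed by a safer variant.
SAMPLE = r"""<?php
// constructed sample, not a real plugin
echo '<h1>' . $_GET['title'] . '</h1>';
echo '<h1>' . esc_html( $_GET['title'] ) . '</h1>';
$wpdb->query( "DELETE FROM {$wpdb->prefix}notes WHERE id = " . $_POST['id'] );
$wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->prefix}notes WHERE id = %d", $_POST['id'] ) );
include $_REQUEST['tpl'] . '.php';
wp_redirect( $_GET['next'] );
wp_safe_redirect( home_url() );
"""

if __name__ == "__main__":
    for lineno, category, code in scan(SAMPLE):
        print(f"line {lineno}: {category}: {code}")
```

Line-based matching misses input that reaches a sink through an intermediate variable, so a clean result is not evidence of a safe plugin.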

Usage

$ git clone https://github.com/m4ll0k/wpsploit.git
$ cd wpsploit
$ python wpsploit.py plugin_file.php

About the author

Mazen Elzanaty
