Awesome
WPSpider- A WordPress Scanner (version 1.0b)
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility. It has following features:
- Login Page-
- Authentication is required to access the application.
- Dashboard Page-
- On Demand Scan : Run scans instantly by either providing a URL or a text file having multiple URL's seprated by a new line as an input.
- Scan History : View or delete scan history and reports.
- Schedule Scan : Configure scans to run automatically, or on a recurring basis just like a cron job in linux.
- Scheduled Scan History : Edit cron rule or delete any scheduled scan.
- Report Page-
- View or print the details of vulnerabilities discovered after scan completes.
Key Features
* Performs scan for single or multiple WordPress applications asynchronously
* Supports both on demand and scheduled scans (like a cron job)
* Cross-platform application
How to Setup?
* Download and Install Node.js- https://nodejs.org/en/download/
* Install wpscan- https://wpscan.org/
* git clone https://github.com/cyc10n3/WPSpider.git
* cd WPSpider
* npm install (for installing node modules or dependencies)
* npm start
* Open https://localhost:1337 or https://127.0.0.1:1337 in browser
* Login with default credentials (admin/cyc10n3)
It is recommended to change the login password by modifying config.json
file
.
Screenshots
Login
Dashboard: On-demand Scan
Dashboard: Schedule Scan
Scan Report
Known Issues
* Login bruteforce possible
Authors
- Gaurav Mishra - Initial work - gmishra010@gmail.com
License
This project is licensed under the MIT License - see the LICENSE file for details