RedPacket Security

InfoSec News & Tutorials

News 

Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go

admin , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord
wprecon 1 ninja

Hello! Welcome. Wprecon (WordPress Recon), is a vulnerability recognition tool in CMS WordPress, 100% developed in Go.

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G...
AMD Ryzen 5 3600 6-Core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler $199.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 6 cores and 12 processing threads bundled with the quiet AMD wraith stealth cooler max temps 95°C 4 2 G... read more
(as of January 23, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s...
AMD Ryzen 7 3700X 8-Core, 16-Thread Unlocked Desktop Processor with Wraith Prism LED Cooler $324.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 8 cores and 16 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED s... read more
(as of January 23, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ...
AMD Ryzen 9 3900X 12-core, 24-thread unlocked desktop processor with Wraith Prism LED Cooler $489.99
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of January 23, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)

Notice:

Why is the project out of updates these days ?! What happens is that I am doing the vulnerability scanner.

Branch Dev

Compile and Install

Features

  • Random Agent
  • Detection WAF
  • User Enumerator
  • Plugin Scanner
  • Theme Scanner
  • Tor Proxy’s
  • Detection Honeypot
  • Fuzzing Backup Files

Usage

Flag(s) Description
-u, –url string Target URL (Ex: http(s)://example.com/). (Required)
–users-enumerate Use the supplied mode to enumerate Users.
–themes-enumerate Use the supplied mode to enumerate Themes.
–plugins-enumerate Use the supplied mode to enumerate Plugins.
–detection-waf I will try to detect if the target is using any WAF.
–detection-honeypot I will try to detect if the target is a honeypot, based on the shodan.
–no-check-wp Will skip wordpress check on target.
–random-agent Use randomly selected HTTP(S) User-Agent header value.
–tor Use Tor anonymity network.
–disable-tls-checks Disables SSL/TLS certificate verification.
-h, –help help for wprecon.
-v, –verbose Verbosity mode.

WPrecon running

Command: wprecon --url "https://www.xxxxxxx.com/" --detection-waf

Output:

You may be interested in...

  • Cyber Bully
  • The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats
  • Cyber Warfare – Truth, Tactics, and Strategies: Strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare
  • Cyber Bride
  • A Battle of Equals

    • —————————————————————————————————————————————————————————————————————

    ___       ______________________________________________   __
    __ |     / /__  __ __  __ __  ____/_  ____/_  __ __  | / /
    __ | /| / /__  /_/ /_  /_/ /_  __/  _  /    _  / / /_   |/ /
    __ |/ |/ / _  ____/_  _, _/_  /___  / /___  / /_/ /_  /|  /
    ____/|__/  /_/     /_/ |_| /_____/  ____/  ____/ /_/ |_/

    Github: https://github.com/blackcrw/wprecon
    Version: 0.0.1a
    ————————————————————————————————————————————————————————————————————
    [•] Target: https://www.xxxxxxx.com/
    [•] Starting: 09/jan/2020 12:11:17

    [•] Listing enable: https://www.xxxxxxx.com/wp-content/plugins/
    [•] Listing enable: https://www.xxxxxxx.com/wp-content/themes/
    [•••] Status Code: 200 — URL: https://www.xxxxxxx.com/wp-admin/
    [•••] I'm not absolutely sure that this target is using wordpress! 37.50% chance. do you wish to continue ? [Y/n]: Y
    [•••] Status Code: 200 — WAF: Wordfence Security Detected
    [•••] Do you wish to contin   ue ?! [Y/n] : Y
    Download Wprecon

    If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

    Discord

    Original Source

    You May Also Like

    osint

    Expert found a secret backdoor in Zyxel firewall and VPN

    admin
    osint

    Child identity theft, part 1: On familiar fraud

    admin
    osint

    Mac cyberattacks double in 2019: Malwarebytes

    admin