Web Application Security
Introducing WPScan ? WordPress Security Scanner Jun 16 2011 03:13PM
Ryan Dewhurst (ryandewhurst gmail com) (2 replies)
Re: Introducing WPScan â?? WordPress Security Scanner Jun 19 2011 04:59PM
Veronica (vero valeros gmail com) (1 replies)
Hi!,

> WPScan is a black box WordPress Security Scanner written in Ruby which
> attempts to find known security weaknesses within WordPress
> installations.
I tried it minutes ago, nice tool!

> Features include:
>
> Username enumeration (from ?author)
I tried it with some WordPress based websites and it is not showing
the usernames but the display name. Did you wanted to get the display
name?
If you expected to get the username, you can find it by parsing the
head section of the html source code, the username is usually inside
an href tag preceded by '/author/'.

Hope it's useful!

Verónica
--
---------------------------------------------------------------
http://keyserver.veridis.com:11371/export?id=5229491868415998346&created
=1256222534000

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: Introducing WPScan ? WordPress Security Scanner Jun 19 2011 08:26PM
Ryan Dewhurst (ryandewhurst gmail com)
Re: Introducing WPScan ? WordPress Security Scanner Jun 19 2011 07:27AM
seth (xd seth gmail com) (1 replies)
Re: Introducing WPScan ? WordPress Security Scanner Jun 19 2011 08:24PM
Ryan Dewhurst (ryandewhurst gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus