jump to navigation

Wpmap March 17, 2011

Posted by michelemanzotti in Tools.
Tags: , ,
1 comment so far

Today 17 March in Italy is national holiday so I have spent my spare time to write a little tool: wpmap.py

As you can image, wpmap is a tool to discover the most installed plugins on WordPress platform. It could be useful when during a penetration testing you have time to download the plugin source code and find some issues.

Menu:

$ python wpmap.py
Simple WordPress scanner to enumerate installed plugins   by Michele `m7x` Manzotti
Version 1.0   Plugins: 104   EDB-ID: 2011-01-08
Usage: wpmap.py --site 

Options:
  -h, --help            show this help message and exit
  -s SITE, --site=SITE  WordPress site
  -d DIRECTORY, --directoy=DIRECTORY
                        Subdirectory WordPress site
  -e, --exploit         Show exploit-db ID [default: False]
  -v, --verbose         Verbose mode[default: False]

Some screenshots:

with “-e” option:

Download:

svn co https://wpmap.svn.sourceforge.net/svnroot/wpmap wpmap

Happy hacking 🙂