6 releases (stable)
1.0.4 | Jun 26, 2020 |
---|---|
1.0.3 | Feb 3, 2020 |
1.0.2 | Jul 18, 2019 |
1.0.0 | May 31, 2019 |
0.0.2 | May 31, 2019 |
#1865 in Parser implementations
36KB
868 lines
wpscan-analyze
Analyzes wpscan json output and checks for vulnerabilities
wpscan checks WordPress installation for outdated versions, plugins, and themes. wpscan-analyze
analyses wpscan
's JSON output and signals results via exit status, JSON and human readable output.
Basic Usage
wpscan
needs an input file in JSON format generated by a run of wpscan
against a WordPress installation.
Run wpscan
wpscan --url https://lukas.pustina.de --update --output wpscan.json --format json
Run wpscan-analyze
> wpscan -f wpscan.json
wpscan-analyze version=0.0.2, log level=Level(Warn)
+--------------------------+---------+---------------+--------------------+------------+------------+
| Component | Version | Version State | Vulnerabilities | Processing | Result |
+--------------------------+---------+---------------+--------------------+------------+------------+
| WordPress | 4.9.10 | Latest | No vulnerabilities | Ok | Ok |
| Main Theme | 3.2.1 | Latest | No vulnerabilities | Ok | Ok |
| Plugin: wp-super-cache | 1.6.3 | Outdated | No vulnerabilities | Ok | Outdated |
| Plugin: wordpress-seo | 8.0 | Outdated | 1 vulnerabilities | Ok | Vulnerable |
| Plugin: jm-twitter-cards | 9.4 | Outdated | No vulnerabilities | Ok | Outdated |
+--------------------------+---------+---------------+--------------------+------------+------------+
Analyzer result summary: outdated=3, vulnerabilities=1, failed=0
> echo $?
11
Help
man 1 wpscan-analyze
Installation
Ubuntu [x86_64]
Please add my PackageCloud open source repository and install wpscan-analyze
via apt.
curl -s https://packagecloud.io/install/repositories/lukaspustina/opensource/script.deb.sh | sudo bash
sudo apt-get install wpscan-analyze
Linux Binaries [x86_64]
There are binaries available at the GitHub release page. The binaries get compiled on Ubuntu.
macOS Binaries [x86_64]
There are binaries available at the GitHub release page.
Sources
Please install Rust via rustup and then run
git clone https://github.com/lukaspustina/wpscan-analyze
cd wpscan-analyze
cargo build
Postcardware
You're free to use wpscan-analyze
. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use wpscan-analyze
. My work address is
Lukas Pustina
CenterDevice GmbH
Rheinwerkallee 3
53227 Bonn
German
Dependencies
~12–21MB
~304K SLoC