wpscan-analyze

Analyzes wpscan json output and checks for vulnerabilities

Linux and macOS Build Status codecov GitHub release MIT licensed

wpscan checks WordPress installation for outdated versions, plugins, and themes. wpscan analysis wpscan's JSON output and signals results via exit status, JSON and human readable out.

Basic Usage

wpscan needs an input file in JSON format generated by a run of wpscan against a WordPress installation.

Run wpscan

wpscan --url https://lukas.pustina.de --update --output wpscan.json --format json

Run wpscan-analyze

```bash

wpscan -f wpscan.json wpscan-analyze version=0.0.2, log level=Level(Warn) +--------------------------+---------+---------------+--------------------+------------+------------+ | Component | Version | Version State | Vulnerabilities | Processing | Result | +--------------------------+---------+---------------+--------------------+------------+------------+ | WordPress | 4.9.10 | Latest | No vulnerabilities | Ok | Ok | | Main Theme | 3.2.1 | Latest | No vulnerabilities | Ok | Ok | | Plugin: wp-super-cache | 1.6.3 | Outdated | No vulnerabilities | Ok | Outdated | | Plugin: wordpress-seo | 8.0 | Outdated | 1 vulnerabilities | Ok | Vulnerable | | Plugin: jm-twitter-cards | 9.4 | Outdated | No vulnerabilities | Ok | Outdated | +--------------------------+---------+---------------+--------------------+------------+------------+ Analyzer result summary: outdated=3, vulnerabilities=1, failed=0

echo $? 11 ```

Help

man 1 wpscan-analyze

Installation

Ubuntu [x86_64]

Please add my PackageCloud open source repository and install wpscan-analyze via apt.

bash curl -s https://packagecloud.io/install/repositories/lukaspustina/opensource/script.deb.sh | sudo bash sudo apt-get install wpscan-analyze

Linux Binaries [x86_64]

There are binaries available at the GitHub release page. The binaries get compiled on Ubuntu.

macOS Binaries [x86_64]

There are binaries available at the GitHub release page.

Sources

Please install Rust via rustup and then run

bash git clone https://github.com/lukaspustina/wpscan-analyze cd wpscan-analyze cargo build

Postcardware

You're free to use wpscan-analyze. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use wpscan-analyze. My work address is

``` Lukas Pustina CenterDevice GmbH Rheinwerkallee 3 53227 Bonn German