wpscan-analyze

Analyzes wpscan json output and checks for vulnerabilities

Linux and macOS Build Status codecov GitHub release MIT licensed

wpscan checks WordPress installation for outdated versions, plugins, and themes. wpscan-analyze analyses wpscan's JSON output and signals results via exit status, JSON and human readable output.

Basic Usage

wpscan needs an input file in JSON format generated by a run of wpscan against a WordPress installation.

Run wpscan

wpscan --url https://lukas.pustina.de --update --output wpscan.json --format json

Run wpscan-analyze

```bash

wpscan -f wpscan.json wpscan-analyze version=0.0.2, log level=Level(Warn) +--------------------------+---------+---------------+--------------------+------------+------------+ | Component | Version | Version State | Vulnerabilities | Processing | Result | +--------------------------+---------+---------------+--------------------+------------+------------+ | WordPress | 4.9.10 | Latest | No vulnerabilities | Ok | Ok | | Main Theme | 3.2.1 | Latest | No vulnerabilities | Ok | Ok | | Plugin: wp-super-cache | 1.6.3 | Outdated | No vulnerabilities | Ok | Outdated | | Plugin: wordpress-seo | 8.0 | Outdated | 1 vulnerabilities | Ok | Vulnerable | | Plugin: jm-twitter-cards | 9.4 | Outdated | No vulnerabilities | Ok | Outdated | +--------------------------+---------+---------------+--------------------+------------+------------+ Analyzer result summary: outdated=3, vulnerabilities=1, failed=0

echo $? 11 ```

Help

man 1 wpscan-analyze

Installation

Ubuntu [x86_64]

Please add my PackageCloud open source repository and install wpscan-analyze via apt.

bash curl -s https://packagecloud.io/install/repositories/lukaspustina/opensource/script.deb.sh | sudo bash sudo apt-get install wpscan-analyze

Linux Binaries [x86_64]

There are binaries available at the GitHub release page. The binaries get compiled on Ubuntu.

macOS Binaries [x86_64]

There are binaries available at the GitHub release page.

Sources

Please install Rust via rustup and then run

bash git clone https://github.com/lukaspustina/wpscan-analyze cd wpscan-analyze cargo build

Postcardware

You're free to use wpscan-analyze. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use wpscan-analyze. My work address is

``` Lukas Pustina CenterDevice GmbH Rheinwerkallee 3 53227 Bonn German