WPSploit Logo

WPSploit

0
Free
Visit Website

WPSploit is a repository designed for creating and/or porting specific exploits for WordPress using Metasploit as an exploitation tool. It currently contains 45 modules (15 exploits and 30 auxiliaries). For usage, download the modules to a directory, and refer to the official documentation of Metasploit for loading external modules. All modules are based on the WPScan Vulnerability Database (WPVDB). For contributions, fork the repository, create a new feature branch, commit changes, and create a new pull request. Questions and suggestions can be sent to robertoespreto[at]gmail.com.

FEATURES

ALTERNATIVES

A tool for recursively querying webservers

A subdomain enumeration tool for penetration testers and security researchers.

A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.

A C#-based Command and Control Framework for remote access and control of compromised systems.

RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.

High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.

C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.

Setup script for Regon-ng