wpscan-analyze 1.0.0

Analyzes wpscan json output and checks for vulnerabilities
Documentation

wpscan-analyze

Analyzes wpscan json output and checks for vulnerabilities

Linux and macOS Build Status codecov GitHub release MIT licensed

wpscan checks WordPress installation for outdated versions, plugins, and themes. wpscan analysis wpscan's JSON output and signals results via exit status, JSON and human readable out.

Basic Usage

wpscan needs an input file in JSON format generated by a run of wpscan against a WordPress installation.

Run wpscan

wpscan --url https://lukas.pustina.de --update --output wpscan.json --format json

Run wpscan-analyze

> wpscan -f wpscan.json
wpscan-analyze version=0.0.2, log level=Level(Warn)
+--------------------------+---------+---------------+--------------------+------------+------------+
| Component                | Version | Version State | Vulnerabilities    | Processing | Result     |
+--------------------------+---------+---------------+--------------------+------------+------------+
| WordPress                | 4.9.10  |    Latest     | No vulnerabilities |     Ok     |     Ok     |
| Main Theme               | 3.2.1   |    Latest     | No vulnerabilities |     Ok     |     Ok     |
| Plugin: wp-super-cache   | 1.6.3   |   Outdated    | No vulnerabilities |     Ok     |  Outdated  |
| Plugin: wordpress-seo    | 8.0     |   Outdated    | 1 vulnerabilities  |     Ok     | Vulnerable |
| Plugin: jm-twitter-cards | 9.4     |   Outdated    | No vulnerabilities |     Ok     |  Outdated  |
+--------------------------+---------+---------------+--------------------+------------+------------+
Analyzer result summary: outdated=3, vulnerabilities=1, failed=0

> echo $?
11

Help

man 1 wpscan-analyze

Installation

Ubuntu [x86_64]

Please add my PackageCloud open source repository and install wpscan-analyze via apt.

curl -s https://packagecloud.io/install/repositories/lukaspustina/opensource/script.deb.sh | sudo bash
sudo apt-get install wpscan-analyze

Linux Binaries [x86_64]

There are binaries available at the GitHub release page. The binaries get compiled on Ubuntu.

macOS Binaries [x86_64]

There are binaries available at the GitHub release page.

Sources

Please install Rust via rustup and then run

git clone https://github.com/lukaspustina/wpscan-analyze
cd wpscan-analyze
cargo build

Postcardware

You're free to use wpscan-analyze. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use wpscan-analyze. My work address is

Lukas Pustina
CenterDevice GmbH
Rheinwerkallee 3
53227 Bonn
German