WPScan, a WordPress Vulnerability Scanner for Android was just released. The app was developed by Alessio Dalla Piazza, an Android hacker and is available to download from the Google Play Store. Besides .htaccess tweaking and security plugin used to secure your WordPress site, I believe WPScan to be another great tool to do basic penetration testing to your own website.
The app will attempt to find known security flaw within WordPress installations. If you prefer to use it on your desktop, you might be interested in the desktop version of the WPScan. The desktop version is great with many advance features. However it is found to be quite slow.
The Android version of WPScan includes user enumeration and will detect timthumb file, theme and WordPress version and notify you. It also come with few other advance features.
The author is also kind enough to release the full source code that is available from Github. For those interested in the Android version, don’t forget to download it from Google Play.
via The Hacker News
Update: Please note that the Android version of the WPScan is not the official app by WPScan.
ryan says
Thanks for the mention of WPScan but please be aware that the Android application mentioned has nothing to do with WPScan. It is a completely different project.
Thanks. Will update the post soon.
VIVEK KUMAR says
Thanks, This is new one i had ever known in wordpress…
Thanks for sharing..