Argus-WP is a powerful WordPress vulnerability scanner designed to uncover vulnerabilities, misconfigurations, and security concerns in websites. Featuring advanced detection techniques for plugins, themes, and configuration checks, it helps maintain WordPress security without needing an API key for its vulnerability database.
Argus-WP: A Comprehensive WordPress Vulnerability Scanner
Argus-WP is an advanced security scanner designed to identify vulnerabilities, misconfigurations, and other security issues within WordPress installations. This tool leverages a variety of fingerprinting techniques to provide an in-depth analysis of WordPress sites.
Key Features
- WordPress Version Detection: Utilize multiple fingerprinting methods to detect versions.
- Plugin Enumeration: Identify installed plugins and their known vulnerabilities.
- Theme Enumeration: Discover themes in use and associated security risks.
- Configuration Checks: Review configurations including XML-RPC and WP-Cron registration status.
- Vulnerability Database: Access a rich database powered by WPVulnerability.net without the need for an API key.
Getting Started
Using Argus-WP is straightforward and can be performed using Docker or by running from source. Below are several common commands for quick scanning:
Basic Scanning Commands
To perform a basic scan of a WordPress site, the following command can be used:
python argus-wp.py scan https://example.com
For those utilizing Docker, the command is:
docker run --rm argus-wp scan https://example.com
Enumerating Plugins and Themes
To enumerate installed plugins and themes, the command is:
python argus-wp.py scan https://example.com --enumerate p,t
Save Output to JSON
For exporting scan results to a JSON format:
python argus-wp.py scan https://example.com -o results.json -f json
Scan Modes
Argus-WP offers various scanning modes to suit different testing needs:
- Passive: Only passive detection (no active probing).
- Normal: Standard active scanning (default mode).
- Aggressive: In-depth scanning with comprehensive enumeration.
- Stealth: Slower scans to avoid detection, ideal for cautious assessments.
Usage Options
A variety of options are available for more tailored scans:
Usage: argus-wp.py scan [OPTIONS] URL
Options:
-t, --targets PATH File containing a list of URLs to scan (one per line).
--urls TEXT Multiple URLs to scan (can be repeated).
-e, --enumerate [p|t|all] Enumerate plugins (p), themes (t), or both.
--threads INTEGER Number of concurrent threads (default: 5).
--timeout INTEGER Request timeout in seconds (default: 10).
--random-agent Use random User-Agent strings.
--user-agent TEXT Custom User-Agent string.
--proxy TEXT Proxy URL (e.g., http://127.0.0.1:8080).
-o, --output PATH Output file path.
-f, --format [cli|json] Output format (default: cli).
-v, --verbose Enable verbose output.
--debug Enable debug output.
--no-color Disable colored output.
--mode [passive|normal|aggressive|stealth]
Set scan mode (default: normal).
--rate-limit FLOAT Delay between requests in seconds (default: 0).
--no-ssl-verify Disable SSL certificate verification.
--help Display this help message.
Security and Ethical Use
It is critical to note that Argus-WP should only be used on WordPress sites that are owned or for which explicit permission has been granted. Unauthorized scanning may violate legal regulations. Adhere to responsible disclosure guidelines and respect the integrity of server resources.
Contribution and Support
Contributions to Argus-WP are welcome. Users can report issues or suggest improvements through the issues section available on the project’s GitHub page.
For further development practices, including running tests and code formatting, refer to the README documentation.
No comments yet.
Sign in to be the first to comment.