wpfinger is a red-team WordPress scanning tool.
- Core version detection
- Plugin scanning through fingerprinting
- Vulnerability output, using database from Wordfence
wpfinger update
Will update the database with the latest vulnerabilities and plugin fingerprint.
wpfinger scan -u https://example.com
| Flag | Description |
|---|---|
| --all | Will scan for all plugins, default is vulnerable only |
| --url | Target WordPress URL |
The installation is easy. You can download the pre-built binaries for your platform from the Releases page.
▶ chmod +x wpfinger
▶ mv wpfinger /usr/local/bin/wpfinger▶ go install github.com/LeakIX/wpfinger/cmd/wpfinger@latest
▶ ${GOPATH}/bin/wpfinger -hVulnerability database is courtesy of Wordfence.