WPScan Web Interface: running and scheduling WordPress scans

by do son · February 16, 2019

WPScan Web Interface

A centralized dashboard for running and scheduling WordPress scans powered by the wpscan utility. It has the following features:

Login Page-
- Authentication is required to access the application.
Dashboard Page-
- On-Demand Scan: Run scans instantly by either providing a URL or a text file having multiple URL’s separated by a new line as an input.
- Scan History: View or delete scan history and reports.
- Schedule Scan: Configure scans to run automatically, or on a recurring basis just like a cron job in Linux.
- Scheduled Scan History: Edit cron rule or delete any scheduled scan.
Report Page-
- View or print the details of vulnerabilities discovered after the scan completes.

Key Features

* Performs a scan for single or multiple WordPress applications asynchronously
* Supports both on-demand and scheduled scans (like a cron job)
* Cross-platform application

Install

* Download and Install Node.js- https://nodejs.org/en/download/
* Install wpscan- https://wpscan.org/
* git clone https://github.com/cyc10n3/WPScan_Web_Interface.git
* cd WPScan_Web_Interface
* npm install (for installing node modules or dependencies)
* npm start
* Open https://localhost:1337 or https://127.0.0.1:1337 in a browser
* Login with default credentials (admin/cyc10n3)

It is recommended to change the login password by modifying config.json file.

Author: Gaurav Mishra

Source: https://github.com/cyc10n3/