Developed a project to demonstrate web application-penetration testing.

WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.

Various code snippets

A purple team exercise targeting a vulnerable Wordpress site.

# Web Application Penetration Testing Methodology A comprehensive step-by-step guide to performing professional web application penetration testing with essential tools and commands.

Web API Server using Python and WpScan.

Python tool for automating WPScan account creation and API token rotation.

Security plugin for Wordpress: No User Enumeration. https://wordpress.org/plugins/no-user-enumeration/

EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure

A professional shell-based cybersecurity toolkit for recon, exploitation, post-exploitation, malware analysis, and network monitoring.

A fully self-contained Docker image that orchestrates 20 security tools — Nuclei, ZAP, Dalfox, Arjun, WPScan, sqlmap, Nikto, testssl.sh, Shodan, and more — into a single 16-step scan pipeline. Passive recon, parameter discovery, XSS, SQLi, secrets detection, and full vulnerability coverage with one command.

🚀 (Simple, clear, and straight to the point)

MCP server for WPScan - WordPress security scanner

MCP Server for the WPScan (wpscan.com) API

Assistant work tool for wpscan.

A Wordpress vulnerability scanner

simple bash script to WPSCAN from targets file

a small wp brute forcing tool by ELAQ and I554M

Greenpeace Planet 4 vulnerabilities scan