WPScan

WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.

Features

Detects vulnerable WordPress core, plugin, and theme versions
Enumerates users, media files, backups, and server info
Integration with WPScan vulnerability API for detailed results
Supports brute-force login tests and password enumeration
CLI and Docker-based usage for flexibility
Regularly updated vulnerability database

Project Samples

Project Activity

See All Activity >

Follow WPScan

WPScan Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of WPScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Ruby

Related Categories

Ruby Security Software

Registered

2025-07-31

Similar Business Software

Patchstack

Patchstack is a comprehensive security solution designed to protect WordPress websites from vulnerabilities in plugins, themes, and the core platform. By automatically deploying highly targeted virtual patches, it mitigates high and medium-priority vulnerabilities without altering your site's...

See Software
WP Guardian

Keep your entire WordPress fleet up-to-date and protected. Embrace proactive security to maintain control and visibility over the status of both sites and servers, all in one place. Stay ahead of WordPress threats with continuous vulnerability monitoring and effective mitigation strategies. Gain...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Hakware Archangel

Hakware Archangel is an Artificial Intelligence based vulnerability scanner and pentesting tool. Archangel scanner enables organizations to monitor their networks, systems, and applications for security vulnerabilities with advanced Artificial intelligence continuously testing your...

See Software
WebScanner

DefenseCode WebScanner is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications (websites). WebScanner will test a website’s security by carrying out a large number of attacks using the most advanced techniques, just...

See Software
WP Sandbox

Let your customers try your WordPress solutions in a customized sandbox before they buy. Front-end and back-end, fully customizable. Perfect for WordPress developers, designers, & agencies who want to let clients explore fully-functioning backend demos of their work. We’re loved by customer...

See Software

Report inappropriate content

WPScan

WPScan WordPress security scanner

Get an email when there's a new version of WPScan

Features

Project Samples

Project Activity

Categories

Follow WPScan

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered