We are very excited to announce a new addition to our online Suite - a tool that will help you find vulnerabilities in WordPress blogs and other WordPress-based web software - we simply call WPScanner.
What Is It
The WPScanner is a very advanced, web vulnerability scanner specifically designed to test WordPress installations. It is very quick, precise and heavily tested in production with our partners and as part of the bug bounty programs we actively participate in. The WPScanner is a WordPress security testing technology like no other and we are really excited to have it as part of the Websecurify web security toolkit.
Why Use It
The main difference between WPScanner and the Scanner, Foundation or any other automated security testing solution for that matter, is that it is optimized to test WordPress only. You do not have to configure it. You simply need to point it to the WordPress blog you want to test and you can be certain that it will be quick the deliver the right kind of results.
How Does It Work
The WPScanner performs the standard types of tests plus additional tests to enumerate default themes and plugins. WordPress constomizations are checked for versions that match the versions in our WordPress Vulnerability Database. All vulnerable themes and plugins are reported with their corresponding CVE, OSVDB and Explot-DB entries for further information.
We belive that the WPScanner will become one of the most useful tools online to easily help you find vulnerabilities in WordPress in live and pre-live blogs and applications. Don't let the bad guys catch you off guard when it takes only a moment to ensue that you are secure.