{"id":48147515,"url":"https://github.com/ihuzaifashoukat/wpaudit","last_synced_at":"2026-04-04T17:01:42.968Z","repository":{"id":294409812,"uuid":"986495654","full_name":"ihuzaifashoukat/wpaudit","owner":"ihuzaifashoukat","description":"WPAUDIT: Advanced Python-based WordPress security auditing suite \u0026 vulnerability scanner. Automates pentesting with Nmap, WPScan, Nuclei, SQLMap. Comprehensive reports. Ideal for ethical hackers \u0026 Kali Linux.","archived":false,"fork":false,"pushed_at":"2025-05-20T09:02:52.000Z","size":253,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-20T10:24:09.968Z","etag":null,"topics":["cybersecurity","ethical-hacking","information-security","kali-linux","nmap","nuclei","penetration-testing","penetration-tool","python","security-audit","security-automation","security-tools","sqlmap","vulnerbility-analysis","vulnerbility-research","wordpress","wordpress-security","wordpress-vulnerability","wpscan"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ihuzaifashoukat.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-19T17:39:37.000Z","updated_at":"2025-05-20T09:27:42.000Z","dependencies_parsed_at":"2025-05-20T10:34:18.369Z","dependency_job_id":null,"html_url":"https://github.com/ihuzaifashoukat/wpaudit","commit_stats":null,"previous_names":["ihuzaifashoukat/wpaudit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ihuzaifashoukat/wpaudit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ihuzaifashoukat%2Fwpaudit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ihuzaifashoukat%2Fwpaudit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ihuzaifashoukat%2Fwpaudit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ihuzaifashoukat%2Fwpaudit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ihuzaifashoukat","download_url":"https://codeload.github.com/ihuzaifashoukat/wpaudit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ihuzaifashoukat%2Fwpaudit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31407391,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T10:20:44.708Z","status":"ssl_error","status_checked_at":"2026-04-04T10:20:06.846Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","ethical-hacking","information-security","kali-linux","nmap","nuclei","penetration-testing","penetration-tool","python","security-audit","security-automation","security-tools","sqlmap","vulnerbility-analysis","vulnerbility-research","wordpress","wordpress-security","wordpress-vulnerability","wpscan"],"created_at":"2026-04-04T17:01:41.055Z","updated_at":"2026-04-04T17:01:42.718Z","avatar_url":"https://github.com/ihuzaifashoukat.png","language":"Python","readme":"# WPAUDIT - Advanced WordPress Security Auditing Suite\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE.txt)\n[![Python 3.7+](https://img.shields.io/badge/python-3.7+-blue.svg)](https://www.python.org/downloads/release/python-370/)\n[![GitHub stars](https://img.shields.io/github/stars/ihuzaifashoukat/wpaudit.svg?style=social\u0026label=Star\u0026logo=github)](https://github.com/ihuzaifashoukat/wpaudit/stargazers)\n[![GitHub forks](https://img.shields.io/github/forks/ihuzaifashoukat/wpaudit.svg?style=social\u0026label=Fork\u0026logo=github)](https://github.com/ihuzaifashoukat/wpaudit/network/members)\n[![GitHub issues](https://img.shields.io/github/issues/ihuzaifashoukat/wpaudit.svg)](https://github.com/ihuzaifashoukat/wpaudit/issues)\n[![GitHub last commit](https://img.shields.io/github/last-commit/ihuzaifashoukat/wpaudit.svg)](https://github.com/ihuzaifashoukat/wpaudit/commits/main)\n\nWelcome to the official WPAUDIT documentation! This comprehensive guide provides an in-depth overview of WPAUDIT, a powerful **WordPress security audit tool** designed for ethical hackers, penetration testers, and security professionals. Learn about its advanced features, setup, and effective usage for conducting thorough **WordPress vulnerability scanning** and **WordPress penetration testing**.\n\n## Table of Contents\n\n- [WPAUDIT - Advanced WordPress Security Auditing Suite](#wpaudit---advanced-wordpress-security-auditing-suite)\n  - [Table of Contents](#table-of-contents)\n  - [Overview](#overview)\n  - [Key Features of WPAUDIT - Your Expert WordPress Vulnerability Scanner](#key-features-of-wpaudit---your-expert-wordpress-vulnerability-scanner)\n  - [Technical Architecture: How WPAUDIT Works](#technical-architecture-how-wpaudit-works)\n  - [Extending WPAUDIT](#extending-wpaudit)\n  - [Understanding Scan Profiles](#understanding-scan-profiles)\n  - [The ScanState Object](#the-scanstate-object)\n  - [Prerequisites](#prerequisites)\n    - [Software:](#software)\n    - [External Tools Integration:](#external-tools-integration)\n  - [Installation Guide for WPAUDIT](#installation-guide-for-wpaudit)\n    - [General Setup](#general-setup)\n    - [Kali Linux Specific Setup](#kali-linux-specific-setup)\n  - [Development Setup](#development-setup)\n  - [Usage](#usage)\n  - [Configuration](#configuration)\n  - [Scan Phases](#scan-phases)\n  - [Output and Reporting](#output-and-reporting)\n  - [Contributing to WPAUDIT](#contributing-to-wpaudit)\n    - [Support the Project](#support-the-project)\n  - [Troubleshooting Common Issues](#troubleshooting-common-issues)\n  - [Roadmap / Future Enhancements](#roadmap--future-enhancements)\n  - [License](#license)\n\n## Overview\n\nWPAUDIT is a hyper-configurable, modular **WordPress security auditing suite** engineered to automate and streamline the process of identifying vulnerabilities and security weaknesses in WordPress installations. As a leading **automated WordPress security** tool, WPAUDIT empowers users to perform detailed security assessments, making it an essential utility for any **WordPress penetration testing tool** kit, especially when operating on platforms like **Kali Linux**. Its modular architecture allows for highly customized scans tailored to specific target environments and auditing requirements.\n\n## Key Features of WPAUDIT - Your Expert WordPress Vulnerability Scanner\n\n*   **Modular Scan Phases:** Executes distinct security checks in sequence (Preflight, Nmap, WPScan, REST API Analysis, Parameter Fuzzing, Nuclei, SQLMap, Exploit Intel).\n*   **Configurable Profiles:** Supports different scan profiles (`default`, `stealth`, `aggressive`) for varying levels of intensity and stealthiness.\n*   **Flexible Configuration:** Uses YAML/JSON configuration files for detailed control over tool paths, API keys, scan parameters, and output settings.\n*   **Command-Line Overrides:** Allows overriding specific configuration settings directly via CLI arguments for quick adjustments.\n*   **Phase Skipping:** Users can choose to skip specific scan phases.\n*   **Tool Dependency Checking:** Verifies the presence and configuration of required external tools before starting the scan.\n*   **State Management:** Tracks scan progress and findings, saving the state incrementally.\n*   **Reporting:** Generates a console summary, a comprehensive JSON state file, and an interactive HTML report for easy analysis and sharing.\n*   **Interactive Mode:** Optionally prompts the user for confirmation before potentially intrusive actions, ensuring control over the scan.\n*   **Cross-Platform Compatibility:** While optimized for environments like **Kali Linux**, WPAUDIT is a Python-based tool and can run on various operating systems where Python and the external tools are supported.\n\n## Technical Architecture: How WPAUDIT Works\n\nWPAUDIT operates through a coordinated system of core components and specialized scanner modules:\n\n*   **`main.py` (Orchestrator):** The central script that parses command-line arguments, loads configurations, initializes the scan state, and sequentially executes the defined scan phases.\n*   **`core/` Modules:**\n    *   `config_loader.py`: Manages loading and merging of YAML configuration files.\n    *   `state.py`: Handles the `ScanState` object, which stores all findings, metadata, and progress throughout the scan. It supports saving and loading the state.\n    *   `tool_checker.py`: Verifies the availability and (optionally) versions of required external command-line tools.\n    *   `tool_runner.py`: A robust wrapper for executing external tools, managing timeouts, and capturing output.\n    *   `utils.py`: Contains various helper functions used across the application.\n*   **`modules/` Directory:** Contains individual Python scripts for each scan phase or specific tool integration (e.g., `nmap_scanner.py`, `wpscan_auditor.py`, `wp_analyzer/` sub-package for detailed WordPress checks). Each module typically has a `run_scan` or `run_analysis` function called by `main.py`.\n*   **`reporting/` Directory:**\n    *   `generator.py`: Responsible for creating the text summary and HTML reports from the final `ScanState`.\n    *   `report_template.html`: A Jinja2 template used to render the HTML report.\n*   **`config/` Directory:** Contains default configuration files (`default_config.yaml`) that users can adapt.\n\nThe scan proceeds through phases defined in `main.py`, with each phase potentially updating the shared `ScanState` object. This state is saved periodically and at the end of the scan, forming the basis for the final reports.\n\n## Extending WPAUDIT\n\nWPAUDIT is designed to be modular, allowing for the addition of new scanning capabilities. If you wish to add a new scanner module:\n\n1.  **Create a New Module File**: Add a new Python file in the `modules/` directory (or a sub-directory like `modules/wp_analyzer/` for more specific WordPress checks). For example, `modules/new_scanner_module.py`.\n2.  **Implement the Scan Logic**:\n    *   Your module should typically define a main function, e.g., `run_scan(target_url, scan_state, config, tool_runner, logger)`.\n    *   This function will receive the target URL, the current `ScanState` object, the global configuration, an instance of `ToolRunner` (if external tools are needed), and a logger instance.\n    *   Perform your checks and update the `scan_state.findings` dictionary with your results. For example: `scan_state.findings['new_scanner_results'] = {'vulnerabilities': [...]}`.\n    *   Use the provided `logger` for any output specific to your module.\n3.  **Integrate into Main Workflow (`main.py`)**:\n    *   Import your module's `run_scan` function at the top of `main.py`.\n    *   Add a unique string key for your new phase (e.g., `'new_scanner_phase'`) to the `PHASES` list in `main.py`, placing it in the desired order of execution.\n    *   In the main scan loop within `main.py` (the `for phase in active_phases:` loop), add an `elif phase == 'new_scanner_phase':` block to call your module's `run_scan` function.\n    *   Ensure you pass all necessary arguments (target URL, scan state, config, tool runner, logger).\n4.  **Configuration (Optional)**:\n    *   If your module requires specific configurations (e.g., API keys, special parameters), add them to `config/default_config.yaml`.\n    *   Access these configurations within your module via the `config` object passed to your `run_scan` function.\n5.  **Tool Dependencies (If any)**:\n    *   If your module uses new external tools, add them to the `tool_paths` section in `config/default_config.yaml` and update `core/tool_checker.py` to include checks for these tools.\n6.  **Update Documentation**: Add details about your new module to this README, including its purpose, any new configuration options, and the nature of the output it produces. Also, mention it in the \"Scan Phases\" section.\n7.  **Add Tests**: Write unit tests for your new module's functionality and place them in the `tests/` directory (you might need to create this directory and a `tests/test_new_scanner_module.py` file).\n\nThis modular approach helps keep the codebase organized and makes it easier to contribute new functionalities.\n\n## Understanding Scan Profiles\n\nWPAUDIT offers scan profiles (`default`, `stealth`, `aggressive`) to tailor the scan intensity and techniques:\n\n*   **`default`**: A balanced profile suitable for most initial assessments, providing good coverage without being overly intrusive.\n*   **`stealth`**: Designed for less noisy scans. This profile typically uses passive techniques where possible, makes fewer requests, employs slower timings for tools like Nmap, and may use a more restricted set of Nuclei templates. Ideal when trying to minimize the scan's footprint or avoid detection by WAFs/IPS.\n*   **`aggressive`**: A comprehensive and potentially noisy profile. It enables more checks, deeper fuzzing (if configured), scans all TCP ports with Nmap using more intrusive scripts, and utilizes a broader set of Nuclei templates. This profile provides the most thorough assessment but should be used with caution and only with explicit authorization due to its potential impact on the target system.\n\nEach profile in `config.yaml` allows customization of options for Nmap (`nmap_options`, `nmap_ports`, `nmap_scripts`), WPScan (`wpscan_options`), Nuclei (`nuclei_templates`), SQLMap (`sqlmap_options_profile`, `sqlmap_tamper_scripts_profile`), and other modules, giving you fine-grained control over the tools' behavior within each profile.\n\n## The ScanState Object\n\nThroughout its execution, WPAUDIT maintains a central `ScanState` object (managed by `core/state.py`). This object is crucial as it serves as the live repository for:\n\n*   **Scan Metadata:** Information about the target (URL, IP), scan start/end times, and the configuration profile used.\n*   **Tool Check Results:** Status of required external tools (e.g., if Nmap was found and its version).\n*   **Module Findings:** All data collected by each executed module is stored here, typically organized by module name (e.g., `findings['nmap_results']`, `findings['wpscan_results']`, `findings['wp_analyzer']['security_headers_analysis']`).\n*   **Actionable Intelligence:** Lists of critical alerts, summary points for quick review, and detailed remediation suggestions.\n*   **Tool Errors:** Any errors encountered during the execution of external tools.\n\nThe entire `ScanState` is saved as a JSON file (e.g., `wpaudit_state_target_timestamp_FULL_REPORT.json`) in the configured output directory. This file allows for:\n*   Detailed post-scan analysis and data mining.\n*   Auditing the scan process itself.\n*   Potentially resuming scans or re-processing data in future versions of WPAUDIT.\n*   Feeding data into other security information and event management (SIEM) systems or reporting tools.\n\n## Prerequisites\n\n### Software:\n*   **Python:** Version 3.7 or higher.\n*   **Python Libraries:** `PyYAML`, `requests` (Install via `pip install -r requirements.txt`).\n\n### External Tools Integration:\nWPAUDIT seamlessly integrates with a suite of industry-standard security tools. For optimal performance, especially on systems like **Kali Linux for ethical hacking**, ensure these are installed and correctly configured (accessible in your system's PATH or specified in `config.yaml`):\n*   **Nmap:** Essential for network discovery, port scanning, and service version detection.\n*   **WPScan:** The core **WordPress vulnerability scanner** for identifying issues in WordPress core, plugins, and themes. (A WPScan API token is highly recommended for up-to-date vulnerability data).\n*   **Nuclei:** Powerful template-based scanner for finding a wide range of vulnerabilities using community-curated templates.\n*   **SQLMap:** The leading tool for detecting and exploiting SQL injection flaws.\n*   **SearchSploit:** Command-line interface for Exploit-DB, used to find relevant public exploits.\n*   **Metasploit Framework (msfconsole):** For leveraging exploit modules and auxiliary tools (use with extreme caution and authorization).\n*   **Subfinder:** For efficient passive subdomain enumeration.\n*   **ffuf:** Fast web fuzzer used for directory and path bruteforcing.\n*   **Arjun:** HTTP parameter discovery suite.\n*   *(Other tools might be implicitly required by specific modules - refer to module code if needed. WPAUDIT is designed to be a comprehensive WordPress security audit tool.)*\n\n## Installation Guide for WPAUDIT\n\nFollow these steps to get WPAUDIT up and running on your system.\n\n### General Setup\n\n1.  **Clone the repository:**\n    ```bash\n    git clone https://github.com/ihuzaifashoukat/wpaudit\n    cd wpaudit # Or your project directory name\n    ```\n2.  **Install Python dependencies (Recommended: Use a Virtual Environment):**\n    It's highly recommended to use a Python virtual environment to manage dependencies and avoid conflicts with system-wide packages.\n    *   Create a virtual environment:\n        ```bash\n        python3 -m venv venv \n        ```\n        (Replace `venv` with your preferred environment name if desired)\n    *   Activate the virtual environment:\n        *   On Linux/macOS:\n            ```bash\n            source venv/bin/activate\n            ```\n        *   On Windows:\n            ```bash\n            .\\venv\\Scripts\\activate\n            ```\n    *   Install dependencies:\n        ```bash\n        pip install -r requirements.txt\n        ```\n3.  **Install External Tools:** WPAUDIT relies on several external security tools. Ensure they are installed and accessible in your system's PATH, or their paths are correctly specified in your `config.yaml`. Refer to the \"External Tools Integration\" section for a list of tools. Installation methods vary by OS and tool.\n\n4.  **Configure:**\n    *   Copy or rename `config/default_config.yaml` to `config/config.yaml` (or use a custom path).\n    *   Edit the configuration file (`config.yaml`) to:\n        *   Set the correct paths for the external tools if they are not in your system's PATH.\n        *   Add your WPScan API token under `api_keys`.\n        *   Adjust profile settings and other parameters as needed.\n\n### Kali Linux Specific Setup\n\nKali Linux has specific considerations for Python package management and comes with many security tools pre-installed or easily available.\n\n1.  **Clone the repository (if not already done):**\n    ```bash\n    git clone https://github.com/ihuzaifashoukat/wpaudit\n    cd wpaudit\n    ```\n\n2.  **Set up Python Virtual Environment (Highly Recommended on Kali):**\n    Kali Linux uses an \"externally managed\" Python environment. To avoid issues, always use a virtual environment for Python projects.\n    ```bash\n    python3 -m venv venv\n    source venv/bin/activate\n    ```\n    Your terminal prompt should change to indicate the virtual environment is active (e.g., `(venv) user@kali:~/wpaudit$`).\n\n3.  **Install Python Dependencies:**\n    With the virtual environment activated:\n    ```bash\n    pip install -r requirements.txt\n    ```\n\n4.  **Install/Verify External Tools on Kali Linux:**\n    Many tools are available via `apt`. You can try to install them using:\n    ```bash\n    sudo apt update\n    sudo apt install -y nmap wpscan nuclei sqlmap exploitdb metasploit-framework subfinder ffuf arjun wafw00f\n    ```\n    **Notes on Kali Tool Installation:**\n    *   `wpscan`: The command `apt install wpscan` should work on most up-to-date Kali systems. If it doesn't, or if you need a newer version than what `apt` provides, you can install/update it using RubyGems:\n        ```bash\n        sudo apt install -y ruby ruby-dev build-essential\n        sudo gem install wpscan\n        ```\n    *   `searchsploit`: This tool is part of the `exploitdb` package. The command `sudo apt install -y exploitdb` should install it. If you encounter issues or want the very latest version, you can clone it directly: `git clone https://gitlab.com/exploit-database/exploitdb.git /opt/exploitdb` (and then add `/opt/exploitdb` to your PATH or symlink `searchsploit`).\n    *   `nuclei`, `subfinder`, `ffuf`, `arjun`: These are often Go-based tools. If not available via `apt` or if you need the latest versions, you might need to download their precompiled binaries from their official GitHub release pages or install them using `go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest` (requires Go to be installed: `sudo apt install golang-go`).\n    *   Always verify that the tools are correctly installed and accessible in your PATH. WPAUDIT's `tool_paths` in `config.yaml` can be used to specify direct paths if needed.\n    *   `metasploit-framework` is a large package and might take time to install.\n\n5.  **Configure WPAUDIT:**\n    Proceed with the configuration steps mentioned in the \"General Setup\" (copying `default_config.yaml` to `config.yaml` and editing it).\n\n## Development Setup\n\nFor those looking to contribute to WPAUDIT development, here's how to set up your environment:\n\n1.  **Follow the [Installation Guide](#installation-guide-for-wpaudit)**: Ensure you have a working installation, preferably within a virtual environment.\n2.  **Install Development Dependencies**: To ensure code quality and run tests, install the necessary development tools.\n    ```bash\n    pip install black flake8 isort mypy pytest pytest-cov\n    ```\n3.  **Code Style \u0026 Linting**: We use `black` for formatting, `flake8` for linting, `isort` for import sorting, and `mypy` for type checking.\n    *   It's recommended to configure your IDE to use these tools. Alternatively, run them manually from the project root:\n        ```bash\n        black .\n        flake8 .\n        isort .\n        mypy . --ignore-missing-imports\n        ```\n        *(Note: `--ignore-missing-imports` for mypy can be useful initially if stubs for all dependencies are not present.)*\n4.  **Running Tests**: Ensure all tests pass before submitting contributions. We use `pytest`.\n    ```bash\n    pytest\n    ```\n    To include coverage reports:\n    ```bash\n    pytest --cov=. --cov-report html\n    ```\n    This will generate an HTML coverage report in `htmlcov/index.html`.\n    Refer to [CONTRIBUTING.md](CONTRIBUTING.md) for more details on code style and contribution processes.\n\n## Usage\n\nRun the main script from the project's root directory:\n\n```bash\npython main.py \u003ctarget_url\u003e [options]\n```\n\n**Arguments:**\n\n*   `target_url`: (Required) The target WordPress URL (e.g., `http://example-wp.com`).\n\n**Common Options:**\n\n*   `--config \u003cpath/to/config.yaml\u003e`: Specify a custom configuration file.\n*   `--profile \u003cprofile_name\u003e`: Select a scan profile (`default`, `stealth`, `aggressive`). Default is `default`.\n*   `--skip-phases \u003cphase1\u003e \u003cphase2\u003e ...`: List of phases to skip (e.g., `--skip-phases nmap sqlmap`).\n*   `--wpscan-api-token \u003ctoken\u003e`: Override the WPScan API token from the config file.\n*   `--wordlist \u003cpath/to/wordlist\u003e`: Override the wordlist path for WPScan password attacks.\n*   `--interactive` / `--no-interactive`: Enable/disable interactive prompts (overrides config).\n*   `--sqlmap-targets \u003curl1\u003e \u003curl2\u003e ...`: Provide specific URLs for SQLMap to test, in addition to those found by Nuclei.\n*   `--output-dir \u003cpath/to/output\u003e`: Override the output directory specified in the config.\n\n**Examples:**\n\n*   **Basic Scan (Default Profile):**\n    ```bash\n    python main.py https://targetwordpress.com\n    ```\n*   **Aggressive Scan with Custom Config:**\n    ```bash\n    python main.py https://targetwordpress.com --profile aggressive --config config/my_aggressive_scan.yaml\n    ```\n*   **Skip Nmap and SQLMap:**\n    ```bash\n    python main.py https://targetwordpress.com --skip-phases nmap sqlmap\n    ```\n*   **Override WPScan Token and Output Directory:**\n    ```bash\n    python main.py https://targetwordpress.com --wpscan-api-token YOUR_TOKEN --output-dir /tmp/scan_results\n    ```\n\n## Configuration\n\nThe primary configuration is managed through a YAML file (e.g., `config/config.yaml`, based on `config/default_config.yaml`). Key sections include:\n*   `tool_paths`: Paths to external tool executables.\n*   `api_keys`: API keys for services like WPScan.\n*   `output_dir`: Directory to store scan results and reports.\n*   `interactive_prompts`: Enable/disable user confirmation prompts.\n*   `scan_profiles`: Defines settings for `default`, `stealth`, and `aggressive` profiles, controlling parameters for each tool/phase.\n*   `wordlist_path`: Default path to the wordlist for password attacks.\n\nRefer to `config/default_config.yaml` for detailed structure and options.\n\n## Scan Phases\n\nThe tool executes the following phases in order (unless skipped):\n\n1.  **Preflight:** Initial checks (e.g., target reachability, basic WordPress detection).\n2.  **Nmap:** Performs network scanning using Nmap based on the selected profile's configuration.\n3.  **WPScan:** Runs WPScan to identify WordPress version, themes, plugins, users, and known vulnerabilities.\n4.  **REST API / Parameter Fuzzing (wp_analyzer):** Analyzes the WordPress REST API endpoints and potentially fuzzes parameters (details depend on `wp_analyzer.py` implementation).\n5.  **Nuclei:** Executes Nuclei scans using WordPress-related templates to find vulnerabilities. Hints for potential SQL injection points might be gathered here.\n6.  **SQLMap:** Attempts to detect and exploit SQL injection vulnerabilities using SQLMap, potentially using hints from Nuclei or user-provided targets.\n7.  **Exploit Intel:** Gathers information about potential exploits for discovered vulnerabilities (details depend on `exploit_intel.py` implementation).\n\n## Output and Reporting\n\nWPAUDIT provides comprehensive reporting to detail the findings of your **WordPress security audit**:\n*   **Console Output:** Real-time feedback and progress updates during the scan.\n*   **JSON State File:** A detailed JSON file (`wpaudit_state_\u003chostname\u003e_\u003ctimestamp\u003e.json`) is saved in the output directory. This file contains all raw data, findings, and configurations from each module, serving as a complete record of the **WordPress vulnerability scanning** process.\n*   **Text Summary Report:** A human-readable summary (`wpaudit_summary_\u003chostname\u003e_\u003ctimestamp\u003e.txt`) highlighting key findings and critical alerts.\n*   **HTML Report:** An interactive HTML report (`wpaudit_report_\u003chostname\u003e_\u003ctimestamp\u003e.html`) offering a structured and user-friendly view of the scan results, ideal for sharing and analysis.\n\n## Contributing to WPAUDIT\n\nWe welcome contributions to WPAUDIT! If you're interested in improving this **WordPress penetration testing tool**, please read our [**Contributing Guidelines (CONTRIBUTING.md)**](CONTRIBUTING.md) and our [**Code of Conduct (CODE_OF_CONDUCT.md)**](CODE_OF_CONDUCT.md).\n\nKey ways to contribute:\n*   **Reporting Bugs:** Submit detailed bug reports via the project's issue tracker. Include steps to reproduce, WPAUDIT version, Python version, OS, and relevant logs.\n*   **Suggesting Features:** Propose new features or enhancements that would benefit the **automated WordPress security** capabilities of WPAUDIT. Explain the use case and potential benefits.\n*   **Submitting Pull Requests:** Fork the repository, make your changes in a separate feature branch, and submit a pull request with a clear description of your contributions. Please adhere to the guidelines in `CONTRIBUTING.md`, including coding style (e.g., PEP 8 for Python) and ensure your changes are well-tested. Adding unit tests for new functionality is highly encouraged.\n\n### Support the Project\n\nIf you find WPAUDIT useful and would like to support its development, consider buying me a coffee!\n\n[![Buy Me A Coffee](https://img.shields.io/badge/Buy%20Me%20A%20Coffee-ffdd00?style=for-the-badge\u0026logo=buy-me-a-coffee\u0026logoColor=black)](https://www.buymeacoffee.com/ihuzaifashoukat)\n\n\n## Troubleshooting Common Issues\n\n*   **Tool Not Found Errors:**\n    *   Ensure the external tool (e.g., Nmap, WPScan) is installed correctly and its executable is in your system's PATH.\n    *   Alternatively, specify the full path to the tool's executable in your `config.yaml` under the `tool_paths` section.\n    *   Verify the tool key name in `config.yaml` matches the one used internally by WPAUDIT (see `core/tool_checker.py`).\n*   **WPScan API Key Issues:**\n    *   If WPScan vulnerability data seems limited, ensure you have a valid WPScan API token specified in `config.yaml` (`api_keys.wpscan`) or via the `--wpscan-api-token` CLI argument.\n    *   Check the WPScan dashboard to ensure your API key is active and has not exceeded its quota.\n*   **Permission Denied Errors:**\n    *   Some tools or operations (like Nmap SYN scans or writing to certain directories) may require root/administrator privileges. Run WPAUDIT with `sudo` if necessary and appropriate for your environment, but understand the security implications.\n    *   Ensure WPAUDIT has write permissions to the specified `output_dir`.\n*   **Python Dependency Errors:**\n    *   Make sure all Python libraries listed in `requirements.txt` are installed in your Python environment (`pip install -r requirements.txt`).\n*   **Scan Hangs or Times Out:**\n    *   Increase tool-specific timeouts in `config.yaml` (e.g., `wpscan_timeout`, `nuclei_timeout`) if scanning a slow or complex target.\n    *   Check network connectivity to the target.\n    *   A WAF or IPS might be blocking or rate-limiting requests; consider using a \"stealth\" profile or adjusting rate limits.\n\n## Roadmap / Future Enhancements\n\nWPAUDIT is an evolving project. Potential future enhancements include:\n*   **Advanced Reporting:** More report formats (e.g., CSV, XML), customizable report templates, and integration with vulnerability management platforms.\n*   **Scan Resumption:** Ability to resume interrupted scans from the last saved state.\n*   **Plugin/Theme Specific Checks:** Deeper analysis of specific popular plugins/themes for known misconfigurations or vulnerabilities beyond what WPScan/Nuclei cover.\n*   **Enhanced WAF/IPS Evasion Techniques:** More sophisticated options for stealthy scanning.\n*   **Automated Exploit Chaining (Highly Experimental):** Exploring safe ways to test if combined vulnerabilities could lead to greater impact.\n\n## License\n\nWPAUDIT is released under the [MIT License](LICENSE.txt). Please see the `LICENSE.txt` file for full details.\n\nThis tool is intended for legal and ethical use only. The developers assume no liability and are not responsible for any misuse or damage caused by this program. Always ensure you have explicit, written authorization before performing any security testing on a target system.\n","funding_links":["https://www.buymeacoffee.com/ihuzaifashoukat"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fihuzaifashoukat%2Fwpaudit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fihuzaifashoukat%2Fwpaudit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fihuzaifashoukat%2Fwpaudit/lists"}