{"id":14955061,"url":"https://github.com/jonirinta-kahila/wpcracker","last_synced_at":"2025-10-24T07:30:48.265Z","repository":{"id":55397629,"uuid":"287849256","full_name":"JoniRinta-Kahila/WPCracker","owner":"JoniRinta-Kahila","description":"WordPress pentest tool","archived":false,"fork":false,"pushed_at":"2021-01-09T13:31:30.000Z","size":3766,"stargazers_count":41,"open_issues_count":0,"forks_count":8,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-01-29T08:33:54.599Z","etag":null,"topics":["attack","brute-force","brute-force-attacks","console-application","csharp","hacking-tool","linux","penetration-testing","pentesting","security","user-enumeration","windows","wordpress","wordpress-site"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JoniRinta-Kahila.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-08-16T00:53:09.000Z","updated_at":"2024-10-25T07:53:34.000Z","dependencies_parsed_at":"2022-08-14T23:20:46.565Z","dependency_job_id":null,"html_url":"https://github.com/JoniRinta-Kahila/WPCracker","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoniRinta-Kahila%2FWPCracker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoniRinta-Kahila%2FWPCracker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoniRinta-Kahila%2FWPCracker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JoniRinta-Kahila%2FWPCracker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JoniRinta-Kahila","download_url":"https://codeload.github.com/JoniRinta-Kahila/WPCracker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237932067,"owners_count":19389560,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack","brute-force","brute-force-attacks","console-application","csharp","hacking-tool","linux","penetration-testing","pentesting","security","user-enumeration","windows","wordpress","wordpress-site"],"created_at":"2024-09-24T13:10:28.476Z","updated_at":"2025-10-24T07:30:47.814Z","avatar_url":"https://github.com/JoniRinta-Kahila.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WPCracker\n\nWordPress user enumeration and login Brute Force tool for Windows and Linux\n\nWith the Brute Force tool, you can control how aggressive an attack you want to perform, and this affects the attack time required.\nThe tool makes it possible to adjust the number of threads as well as how large password batches each thread is tested at a time.\nHowever, too much attack power can cause the victim's server to slow down.\n\nFor example, When I attacked to my local server, it takes about two days to go through the rockyou.txt (14,341,564 unique passwords) when I used the program's presets for the number of threads (12) and the size of the batches (1000).\n\nIn this article, \"victim\" refers to the attacked WordPress site in pentest lab.\nAttacking a WordPress site for which you do not have permission may be illegal.\n\n# Using:\n\n## User Enumeration\n```Bash\n.\\WPCracker.exe --enum -u \u003cUrl to victims WordPress page\u003e -o \u003cOutput file path (OPTIONAL)\u003e\n```\n#### OR JUST\n```Bash\n.\\WPCracker.exe --enum\n```\nIn this case, the program only requests the required information\n\n## Brute Force\n\n### Using program's presets\n```Bash\n.\\WPCracker.exe --brute -u \u003cUrl to victims WordPress page\u003e -p \u003cPath to wordlist\u003e -n \u003cUsername\u003e -o \u003cOutput file path (OPTIONAL)\u003e\n```\n#### OR JUST\n```Bash\n.\\WPCracker.exe --brute\n```\nIn this case, the program only requests the required information\n\n### Using with custom settings\n```Bash\n.\\WPCracker.exe --brute -u \u003cUrl to victims WordPress page\u003e -p \u003cPath to wordlist\u003e -n \u003cUsername\u003e -t \u003cMax threads\u003e -c \u003cBatch maximum size\u003e\n```\n\n### Get help\n```Bash\n.\\WPCracker.exe --brute -?\n```\n\n# This is for ethical use only :)\n\n#### Thank's for [adamabdelhamed's PowerArgs](https://github.com/adamabdelhamed/PowerArgs \"PowerArgs\")\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonirinta-kahila%2Fwpcracker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjonirinta-kahila%2Fwpcracker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonirinta-kahila%2Fwpcracker/lists"}