{"id":14954980,"url":"https://github.com/webarx-security/wpbullet","last_synced_at":"2025-08-01T00:05:17.656Z","repository":{"id":45811739,"uuid":"181378915","full_name":"webarx-security/wpbullet","owner":"webarx-security","description":"A static code analysis for WordPress (and PHP)","archived":false,"fork":false,"pushed_at":"2022-09-12T08:56:12.000Z","size":232,"stargazers_count":236,"open_issues_count":9,"forks_count":47,"subscribers_count":11,"default_branch":"dev","last_synced_at":"2025-04-03T00:07:27.079Z","etag":null,"topics":["cyber-security","security","static-code-analysis","wordpress","wordpress-development"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/webarx-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-14T23:00:28.000Z","updated_at":"2025-03-30T19:55:21.000Z","dependencies_parsed_at":"2023-01-18T04:30:48.894Z","dependency_job_id":null,"html_url":"https://github.com/webarx-security/wpbullet","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webarx-security%2Fwpbullet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webarx-security%2Fwpbullet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webarx-security%2Fwpbullet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webarx-security%2Fwpbullet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/webarx-security","download_url":"https://codeloa
d.github.com/webarx-security/wpbullet/tar.gz/refs/heads/dev","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248144070,"owners_count":21054865,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber-security","security","static-code-analysis","wordpress","wordpress-development"],"created_at":"2024-09-24T13:10:19.946Z","updated_at":"2025-04-10T02:29:26.765Z","avatar_url":"https://github.com/webarx-security.png","language":"Python","readme":"![alt text](https://raw.githubusercontent.com/webarx-security/wpbullet/dev/screenshots/1.png \"Logo Title Text 1\")\n\n\n\n# wpBullet [![Build Status](https://travis-ci.org/webarx-security/wpbullet.svg?branch=dev)](https://travis-ci.org/webarx-security/wpbullet) [![Python 2.x|3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-blue.svg)](https://github.com/webarx-security/wpbullet/blob/dev/LICENSE)\nA static code analysis for WordPress Plugins/Themes (and PHP)\n\n\n## Installation\nSimply clone the repository, install requirements and run the script \n- `$ git clone https://github.com/webarx-security/wpbullet wpbullet` \n- `$ cd wpbullet`\n- `$ pip install -r requirements.txt`\n- `$ python wpbullet.py`\n\n\n## Usage\nAvailable options:\n```\n--path (required) System path or download URL \nExamples:\n--path=\"/path/to/plugin\"\n--path=\"https://wordpress.org/plugins/example-plugin\"\n--path=\"https://downloads.wordpress.org/plugin/example-plugin.1.5.zip\"\n\n--enabled (optional) Check only for given modules, ex. 
--enabled=\"SQLInjection,CrossSiteScripting\"\n--disabled (optional) Don't check for the given modules, ex. --disabled=\"SQLInjection,CrossSiteScripting\"\n--cleanup (optional) Automatically remove the content of the .temp folder after scanning a remotely downloaded plugin (boolean)\n--report (optional) Save the result in the reports/ directory in JSON format (boolean)\n\n$ python wpbullet.py --path=\"/var/www/wp-content/plugins/plugin-name\"\n```\n\n## Creating modules\nCreating a module is flexible: each module can override the `BaseClass` methods as well as define its own methods.\n\nEach module in the `Modules` directory implements properties and methods from `core.modules.BaseClass`,\nso `BaseClass` is required by every module.\n\nOnce created, the module needs to be imported in `modules/__init__.py`. The module file name and the class name must match\nfor the module to be loaded.\n\n__If you are opening a pull request to add a new module, please provide unit tests for your module as well.__\n\n\n### Module template\n\n`Modules/ExampleVulnerability.py`\n```python\nfrom core.modules import BaseClass\n\n\nclass ExampleVulnerability(object):\n\n    # Vulnerability name\n    name = \"Cross-site Scripting\"\n\n    # Vulnerability severity\n    severity = \"Low-Medium\"\n\n    # Functions causing vulnerability (sinks), one quoted name per entry\n    functions = [\n        \"print\",\n        \"echo\"\n    ]\n\n    # Functions/regex that prevent exploitation\n    blacklist = [\n        \"htmlspecialchars\",\n        \"esc_attr\"\n    ]\n\n```\n\n#### Overriding regex match pattern\nThe regex pattern is generated in `core.modules.BaseClass.build_pattern` and can therefore be overridden in\neach module class.\n\n`Modules/ExampleVulnerability.py`\n```python\nimport copy\n\n\n...\n# Build dynamic regex pattern to locate vulnerabilities in given content\ndef build_pattern(self, content, file):\n    user_input = copy.deepcopy(self.user_input)\n\n    variables = self.get_input_variables(self, content)\n\n    if variables:\n        user_input.extend(variables)\n\n    if self.blacklist:\n        blacklist_pattern = r\"(?!(\\s?)+(.*(\" + '|'.join(self.blacklist) + \")))\"\n    else:\n        blacklist_pattern = \"\"\n\n    self.functions = [self.functions_prefix + x for x in self.functions]\n\n    pattern = r\"((\" + '|'.join(self.functions) + \")\\s{0,}\\(?\\s{0,1}\" + blacklist_pattern + \".*(\" + '|'.join(user_input) + \").*)\"\n    return pattern\n```\n\n### Testing\nRunning unit tests: `$ python3 -m unittest`\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwebarx-security%2Fwpbullet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwebarx-security%2Fwpbullet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwebarx-security%2Fwpbullet/lists"}
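Worked example of the module mechanism described in the README's "Creating modules" and "Overriding regex match pattern" sections (sink functions, a blacklist of sanitizers, a list of user-input sources extended with variables assigned from them, all compiled into one regex). This is an added illustration, not wpBullet's own code: it does not import `core.modules`, and the `USER_INPUT_SOURCES` list, the `FUNCTIONS_PREFIX` lookbehind and the `get_input_variables` regex are assumptions standing in for whatever `BaseClass` provides. It runs the generated pattern over a constructed PHP snippet so you can see which lines a purely lexical check flags and which it misses.

```python
import copy
import re

# Added example, not wpBullet's own code: a self-contained reimplementation of
# the module idea (sinks + sanitizer blacklist + user-input sources) so the
# regex it builds can be run against sample PHP offline.

# Assumed list of PHP superglobals treated as user input (regex-escaped).
USER_INPUT_SOURCES = [r"\$_GET", r"\$_POST", r"\$_REQUEST", r"\$_COOKIE", r"\$_SERVER"]

# Assumed prefix: the sink name must not be the tail of a longer identifier,
# so my_echo() is not reported as echo().
FUNCTIONS_PREFIX = r"(?<![A-Za-z0-9_])"


class ExampleVulnerability:
    """Stand-in for a wpBullet-style module (no core.modules dependency)."""

    name = "Cross-site Scripting"
    severity = "Low-Medium"
    functions = ["print", "echo"]                              # sinks
    blacklist = ["htmlspecialchars", "esc_attr", "esc_html"]   # sanitizers

    @staticmethod
    def get_input_variables(content):
        # Assumed taint rule: a variable assigned straight from a superglobal,
        # e.g. $name = $_GET['name'];, is tracked so a later `echo $name` is hit.
        assigned = re.findall(
            r"(\$[A-Za-z_]\w*)\s*=\s*\$_(?:GET|POST|REQUEST|COOKIE|SERVER)\b", content
        )
        return sorted({re.escape(v) for v in assigned})

    def build_pattern(self, content="", file=None):
        user_input = copy.deepcopy(USER_INPUT_SOURCES)
        user_input.extend(self.get_input_variables(content))

        # Negative lookahead: no sanitizer name anywhere after the sink on this line.
        blacklist_pattern = (
            r"(?!.*(" + "|".join(self.blacklist) + r"))" if self.blacklist else ""
        )
        functions = [FUNCTIONS_PREFIX + f for f in self.functions]

        # sink, optional "(", optional space, [no sanitizer ahead], ... user input ...
        return (
            r"((" + "|".join(functions) + r")\s*\(?\s?"
            + blacklist_pattern
            + r".*(" + "|".join(user_input) + r").*)"
        )


def scan(module, content):
    """Return [(line_no, line)] for every line the module's pattern matches."""
    pattern = re.compile(module.build_pattern(content))
    return [
        (no, line.strip())
        for no, line in enumerate(content.splitlines(), 1)
        if pattern.search(line)
    ]


# Constructed sample plugin code (not taken from any real plugin).
SAMPLE_PHP = """<?php
$name = $_GET['name'];
echo $_GET['q'];
echo esc_attr($_POST['title']);
print htmlspecialchars($_REQUEST['x']);
echo "Hello " . $name;
echo 'static text';
echo $_GET['x'] . esc_attr($y);
"""


def flagged_lines(content=SAMPLE_PHP):
    return [no for no, _ in scan(ExampleVulnerability(), content)]


if __name__ == "__main__":
    module = ExampleVulnerability()
    print(module.build_pattern(SAMPLE_PHP))
    for no, line in scan(module, SAMPLE_PHP):
        print(f"{module.name} ({module.severity}) line {no}: {line}")
```

On the sample, lines 3 and 6 are reported: a direct `echo $_GET[...]` and an echo of `$name`, which was tainted by the earlier assignment. Lines 4 and 5 are suppressed because a blacklisted sanitizer appears after the sink. Line 8 shows the limit of this lexical approach: `$_GET['x']` is concatenated unescaped, but the `esc_attr($y)` later on the same line satisfies the blacklist lookahead and the line is not flagged, so a blacklist hit means "a sanitizer was mentioned", not "the input was sanitized", and findings still need manual review.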