Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/JoniRinta-Kahila/WPCracker

WordPress pentest tool
https://github.com/JoniRinta-Kahila/WPCracker

attack brute-force brute-force-attacks console-application csharp hacking-tool linux penetration-testing pentesting security user-enumeration windows wordpress wordpress-site

Last synced: about 1 month ago
JSON representation

WordPress pentest tool

Host: GitHub
URL: https://github.com/JoniRinta-Kahila/WPCracker
Owner: JoniRinta-Kahila
License: mit
Created: 2020-08-16T00:53:09.000Z (about 4 years ago)
Default Branch: master
Last Pushed: 2021-01-09T13:31:30.000Z (over 3 years ago)
Last Synced: 2024-05-28T20:16:22.306Z (4 months ago)
Topics: attack, brute-force, brute-force-attacks, console-application, csharp, hacking-tool, linux, penetration-testing, pentesting, security, user-enumeration, windows, wordpress, wordpress-site
Language: C#
Homepage:
Size: 3.59 MB
Stars: 41
Watchers: 6
Forks: 10
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - JoniRinta-Kahila/WPCracker - WordPress pentest tool (C# #)

README

# WPCracker

WordPress user enumeration and login Brute Force tool for Windows and Linux

With the Brute Force tool, you can control how aggressive an attack you want to perform, and this affects the attack time required.
The tool makes it possible to adjust the number of threads as well as how large password batches each thread is tested at a time.
However, too much attack power can cause the victim's server to slow down.

For example, When I attacked to my local server, it takes about two days to go through the rockyou.txt (14,341,564 unique passwords) when I used the program's presets for the number of threads (12) and the size of the batches (1000).

In this article, "victim" refers to the attacked WordPress site in pentest lab.
Attacking a WordPress site for which you do not have permission may be illegal.

# Using:

## User Enumeration
```Bash
.\WPCracker.exe --enum -u -o
```
#### OR JUST
```Bash
.\WPCracker.exe --enum
```
In this case, the program only requests the required information

## Brute Force

### Using program's presets
```Bash
.\WPCracker.exe --brute -u -p -n -o
```
#### OR JUST
```Bash
.\WPCracker.exe --brute
```
In this case, the program only requests the required information

### Using with custom settings
```Bash
.\WPCracker.exe --brute -u -p -n -t -c
```

### Get help
```Bash
.\WPCracker.exe --brute -?
```

# This is for ethical use only :)

#### Thank's for [adamabdelhamed's PowerArgs](https://github.com/adamabdelhamed/PowerArgs "PowerArgs")