Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/topscoder/nuclei-wordfence-cve

The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
https://github.com/topscoder/nuclei-wordfence-cve

bugbounty cve exploits nuclei nuclei-templates pentesting projectdiscovery scanner security vulnerability vulnerability-scanning wordfence wordpress

Last synced: 9 days ago
JSON representation

The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.

Host: GitHub
URL: https://github.com/topscoder/nuclei-wordfence-cve
Owner: topscoder
Created: 2023-02-28T21:32:00.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-10-30T03:41:25.000Z (9 days ago)
Last Synced: 2024-10-30T06:25:26.996Z (9 days ago)
Topics: bugbounty, cve, exploits, nuclei, nuclei-templates, pentesting, projectdiscovery, scanner, security, vulnerability, vulnerability-scanning, wordfence, wordpress
Language: Python
Homepage:
Size: 143 MB
Stars: 915
Watchers: 19
Forks: 113
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

WebHackersWeapons - nuclei-wordfence-cve - wordfence-cve?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| (Weapons / Tools)
awesome-hacking-lists - topscoder/nuclei-wordfence-cve - The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security. (Python)

README

        


  

    

  

  Nuclei + Wordfence = ♥


  
43,427 Nuclei Templates for WordPress Security Scanning 🥳

  

   

   

   



---

Level up your WordPress security game! This project's got a treasure trove of fresh [Nuclei](https://github.com/projectdiscovery/nuclei) templates for WordPress. Scan for weaknesses in Core, plugins, and themes – all based on the latest intel from [Wordfence.com](https://www.wordfence.com/threat-intel/vulnerabilities/).

Here's why this is your new best friend:

* **Massive collection**: No more hunting for individual templates, you've got a whole arsenal at your fingertips.

* **Always on point**: These templates stay updated with the freshest threats, so you're never behind the curve.

* **Open source magic**: Need to tweak a template for a specific situation? No problem, you've got full control.

If you're guarding a WordPress site, this project is your secret weapon to identify vulnerabilities before the bad guys do.  Stop wasting time and secure your sites like a pro!

---

> [!TIP]

> If you found this project helpful, please consider giving it a star on GitHub.

> Your support helps to make this project even better. 🌟

### What's in it?!

| category | total |

|---|---|

| wp-plugins | [40,503](https://github.com/search?q=%22wp-plugin%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| wp-themes | [2,174](https://github.com/search?q=%22wp-theme%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| wp-core | [743](https://github.com/search?q=%22wp-core%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| other | [16](https://github.com/search?q=repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML++NOT+%22wp-plugin%22+NOT+%22wp-core%22+NOT+%22wp-theme%22+path%3A%2F%5Enuclei-templates%5C%2F%2F&type=code&ref=advsearch) |

| severity | total |

|---|---|

| info | [7](https://github.com/search?q=%22severity%3A+info%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| low | [18,204](https://github.com/search?q=severity%3A+low+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| medium | [13,820](https://github.com/search?q=severity%3A+medium+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| high | [8,092](https://github.com/search?q=severity%3A+high+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

| critical | [3,303](https://github.com/search?q=severity%3A+critical+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |

## Installation

To install this `nuclei-wordfence-cve` repository for use with Nuclei, you can use the following commands:

```bash

export GITHUB_TEMPLATE_REPO=topscoder/nuclei-wordfence-cve

nuclei -update-templates

```

### Usage

Once you have installed this template repo using the commands above, you can run the following command to scan for vulnerabilities using Nuclei:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com

```

### Examples

Here are some examples how to use the templates:

* To scan for **all known vulnerabilities** in WordPress, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com

```

* To scan for a **CVE specific vulnerability**, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -template-id cve-2023-32961 -u https://target.com

```

* To scan only for **critical vulnerabilities**, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -severity critical -u https://target.com

```

* To scan only for **WordPress core vulnerabilities**, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-core -u https://target.com

```

* To scan only for **WordPress plugin vulnerabilities**, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin -u https://target.com

```

* To scan only for **WordPress theme vulnerabilities**, you can run the following command:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-theme -u https://target.com

```

* To go wild, you can combine and combine and combine:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin,wp-theme -severity critical,high

```

* To go even wilder, you can use the template condition flag (`-tc`) that allows complex expressions like the following ones:

```bash

nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'cross-site scripting') || contains(to_upper(name),'XSS')" -u https://target.com

nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'sql injection') || contains(to_lower(description),'sql injection')" -u https://target.com

nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'file inclusion') || contains(to_lower(description),'file inclusion')" -u https://target.com

nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_upper(name),'CSRF') || contains(to_upper(description),'CSRF')" -u https://target.com

```

## Contributing

If you would like to contribute to this project, please feel free to fork the repository and submit a pull request.

## Protecting Customized Templates

To prevent accidental overwrites, you can mark templates you've manually customized with a comment at the end. Add the line `# Enhanced` as the last line of the template file.

## License

This project is licensed under the MIT License.

## Contact

If you have any questions or feedback, please feel free to contact the project maintainers.

~~ Please use it responsibly!