Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/topscoder/nuclei-wordfence-cve
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
https://github.com/topscoder/nuclei-wordfence-cve
bugbounty cve exploits nuclei nuclei-templates pentesting projectdiscovery scanner security vulnerability vulnerability-scanning wordfence wordpress
Last synced: about 1 hour ago
JSON representation
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
- Host: GitHub
- URL: https://github.com/topscoder/nuclei-wordfence-cve
- Owner: topscoder
- Created: 2023-02-28T21:32:00.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-10-30T03:41:25.000Z (about 1 month ago)
- Last Synced: 2024-10-30T06:25:26.996Z (about 1 month ago)
- Topics: bugbounty, cve, exploits, nuclei, nuclei-templates, pentesting, projectdiscovery, scanner, security, vulnerability, vulnerability-scanning, wordfence, wordpress
- Language: Python
- Homepage:
- Size: 143 MB
- Stars: 915
- Watchers: 19
- Forks: 113
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- WebHackersWeapons - nuclei-wordfence-cve - wordfence-cve?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| (Weapons / Tools)
- awesome-hacking-lists - topscoder/nuclei-wordfence-cve - The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security. (Python)
README
---
Level up your WordPress security game! This project's got a treasure trove of fresh [Nuclei](https://github.com/projectdiscovery/nuclei) templates for WordPress. Scan for weaknesses in Core, plugins, and themes – all based on the latest intel from [Wordfence.com](https://www.wordfence.com/threat-intel/vulnerabilities/).
Here's why this is your new best friend:
* **Massive collection**: No more hunting for individual templates, you've got a whole arsenal at your fingertips.
* **Always on point**: These templates stay updated with the freshest threats, so you're never behind the curve.
* **Open source magic**: Need to tweak a template for a specific situation? No problem, you've got full control.If you're guarding a WordPress site, this project is your secret weapon to identify vulnerabilities before the bad guys do. Stop wasting time and secure your sites like a pro!
---
> [!TIP]
> If you found this project helpful, please consider giving it a star on GitHub.
> Your support helps to make this project even better. 🌟### What's in it?!
| category | total |
|---|---|
| wp-plugins | [43,633](https://github.com/search?q=%22wp-plugin%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| wp-themes | [2,235](https://github.com/search?q=%22wp-theme%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| wp-core | [743](https://github.com/search?q=%22wp-core%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| other | [16](https://github.com/search?q=repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML++NOT+%22wp-plugin%22+NOT+%22wp-core%22+NOT+%22wp-theme%22+path%3A%2F%5Enuclei-templates%5C%2F%2F&type=code&ref=advsearch) || severity | total |
|---|---|
| info | [7](https://github.com/search?q=%22severity%3A+info%22+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| low | [20,094](https://github.com/search?q=severity%3A+low+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| medium | [14,664](https://github.com/search?q=severity%3A+medium+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| high | [8,283](https://github.com/search?q=severity%3A+high+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |
| critical | [3,569](https://github.com/search?q=severity%3A+critical+repo%3Atopscoder%2Fnuclei-wordfence-cve+language%3AYAML&type=code&ref=advsearch) |## Installation
To install this `nuclei-wordfence-cve` repository for use with Nuclei, you can use the following commands:
```bash
export GITHUB_TEMPLATE_REPO=topscoder/nuclei-wordfence-cve
nuclei -update-templates
```### Usage
Once you have installed this template repo using the commands above, you can run the following command to scan for vulnerabilities using Nuclei:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com
```### Examples
Here are some examples how to use the templates:
* To scan for **all known vulnerabilities** in WordPress, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com
```* To scan for a **CVE specific vulnerability**, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -template-id cve-2023-32961 -u https://target.com
```* To scan only for **critical vulnerabilities**, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -severity critical -u https://target.com
```* To scan only for **WordPress core vulnerabilities**, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-core -u https://target.com
```* To scan only for **WordPress plugin vulnerabilities**, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin -u https://target.com
```* To scan only for **WordPress theme vulnerabilities**, you can run the following command:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-theme -u https://target.com
```* To go wild, you can combine and combine and combine:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin,wp-theme -severity critical,high
```* To go even wilder, you can use the template condition flag (`-tc`) that allows complex expressions like the following ones:
```bash
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'cross-site scripting') || contains(to_upper(name),'XSS')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'sql injection') || contains(to_lower(description),'sql injection')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'file inclusion') || contains(to_lower(description),'file inclusion')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_upper(name),'CSRF') || contains(to_upper(description),'CSRF')" -u https://target.com
```## Contributing
If you would like to contribute to this project, please feel free to fork the repository and submit a pull request.
## Protecting Customized Templates
To prevent accidental overwrites, you can mark templates you've manually customized with a comment at the end. Add the line `# Enhanced` as the last line of the template file.
## License
This project is licensed under the MIT License.
## Contact
If you have any questions or feedback, please feel free to contact the project maintainers.
~~ Please use it responsibly!