Skip to main content

WordPress Watcher is a Python wrapper for WPScan that manages scans on multiple sites and reports by email.

Project description

WPWatcher

Automating WPScan to scan and report vulnerable Wordpress sites

Features

  • Scan multiple sites with WPScan
  • Parse WPScan output and divide the results in "Alerts", "Warnings", "Informations" and eventually "Errors"
  • Additionnal alerts depending of finding type (SQL dump, etc.)
  • Keep track of fixed issues
  • Handled VulnDB API limit
  • Define reporting emails addresses for every configured site individually and globally
  • Define false positives strings for every configured site individually and globally
  • Define WPScan arguments for every configured site individually and globally
  • Save raw WPScan results into files
  • Speed up scans using several asynchronous workers
  • Follow URL redirection if WPScan fails and propose to ignore main redirect
  • Log file also lists all the findings
  • Scan sites continuously at defined interval and configure script as a linux service
  • Parse results differently wether WPScan format is JSON or CLI

Prerequisites

  • WPScan (itself requires Ruby and some libraries).
  • Python 3 (standard libraries)
  • Tested on Linux and MacOS

Install

With PyPi (stable)

python3 -m pip install wpwatcher

NEW 🔥
Install wpscan-analyze to include a table summary of all plugins versions and vulnerabilities in emails.

Update
python3 -m pip install wpwatcher --upgrade

Manually (develop)

git clone https://github.com/tristanlatr/WPWatcher.git
cd WPWatcher
python3 setup.py install

wpwatcher should be in your PATH.

Review the Wiki for more documentation.

Try it out

Simple usage
Scan 2 sites with default config.

wpwatcher --url exemple.com exemple1.com

More complete exemple
Load sites from text file , add WPScan arguments , follow redirection if WPScan fails , use 5 asynchronous workers , email custom recepients if any alerts with full WPScan output attached. If you reach your API limit, it will wait and continue 24h later.

wpwatcher --urls sites.txt \
        --wpscan_args "--force --stealthy --api-token <TOKEN>" \
        --follow_redirect \
        --workers 5 \
        --send --attach \
        --email_to collaborator1@office.ca collaborator2@office.ca \
        --api_limit_wait

WPWatcher must read a configuration file to send mail reports.
This exemple assume you have filled your config file with mail server setings.

Configuration

Select config file with --conf File path. You can specify multiple files. Will overwrites the keys with each successive file.
Default config files are ~/.wpwatcher/wpwatcher.conf , ~/wpwatcher.conf and ./wpwatcher.conf.

Create and edit a new config file from template.

wpwatcher --template_conf > ./wpwatcher.conf
vim ./wpwatcher.conf

All configuration options

Configuration exemple

Sample configuration file with full featured wp_sites entry, custom WPScan path and arguments, vuln DB api limit handling and email reporting.

[wpwatcher]
wp_sites=   [ {   
                "url":"exemple.com",
                "email_to":["site_owner@domain.com"],
                "false_positive_strings":[
                    "Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS",
                    "Yoast SEO <= 9.1 - Authenticated Race Condition"],
                "wpscan_args":["--stealthy"]
              },
              { "url":"exemple2.com"  }  ]
wpscan_path=/usr/local/rvm/gems/default/wrappers/wpscan
wpscan_args=[   "--format", "json",
                "--no-banner",
                "--random-user-agent", 
                "--disable-tls-checks",
                "--api-token", "YOUR_API_TOKEN" ]
api_limit_wait=Yes
send_email_report=Yes
email_to=["me@gmail.com"]
from_email=me@gmail.com
smtp_user=me@gmail.com
smtp_server=smtp.gmail.com:587
smtp_ssl=Yes
smtp_auth=Yes
smtp_pass=P@assW0rd

Email reports

One report is generated per site and the reports are sent individually when finished scanning a website.

WPWatcher Report List

WPWatcher Report

Questions ?

If you have any questions, please create a new issue.

Contribute

If you like the project and think you could help with making it better, there are many ways you can do it:

  • Create new issue for new feature proposal or a bug
  • Implement existing issues
  • Help with improving the documentation
  • Spread a word about the project to your collegues, friends, blogs or any other channels
  • Any other things you could imagine
  • Any contribution would be of great help

Running tests

pytest

Authors

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

wpwatcher-2.3.0.dev7.tar.gz (34.2 kB view details)

Uploaded Source

Built Distribution

wpwatcher-2.3.0.dev7-py3-none-any.whl (40.8 kB view details)

Uploaded Python 3

File details

Details for the file wpwatcher-2.3.0.dev7.tar.gz.

File metadata

  • Download URL: wpwatcher-2.3.0.dev7.tar.gz
  • Upload date:
  • Size: 34.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.5

File hashes

Hashes for wpwatcher-2.3.0.dev7.tar.gz
Algorithm Hash digest
SHA256 b0157c64253ea154dc87fa12622eb95001a8633fdb5e97fbc7d67f1896b1b9ff
MD5 8ab2c83416c3a4ae27b469d4fd9db303
BLAKE2b-256 72e4dec3c6db90f5268ea977962e66f4744bd82defd4ebb15d10944c0e1b7ea9

See more details on using hashes here.

File details

Details for the file wpwatcher-2.3.0.dev7-py3-none-any.whl.

File metadata

  • Download URL: wpwatcher-2.3.0.dev7-py3-none-any.whl
  • Upload date:
  • Size: 40.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.8.5

File hashes

Hashes for wpwatcher-2.3.0.dev7-py3-none-any.whl
Algorithm Hash digest
SHA256 82cc36f6cf775f12c54c4db6a44f3e3b12dd1388f30ec9799a73ff8ad9bcd79c
MD5 11ef6f01687382fd04d4c473acf51185
BLAKE2b-256 733f290534fe262ffb393a02a021f222b2d9900f302d1b1a326720a41df94404

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page