WordPress Watcher - Automating WPScan to scan and report vulnerable WordPress sites
WPWatcher
WordPress Watcher is a wrapper for WPScan that manages scans on multiple sites and reports by email.
Automate scans and get notified when vulnerabilities, outdated plugins or other risks are found.
Features
- Scan multiple sites with WPScan
- Parse WPScan output and divide the results into "Alerts", "Warnings", "Informations" and, when applicable, "Errors"
- Handles the WPScan VulnDB API limit
- Define reporting email addresses for every configured site individually and globally (wiki/Email-reports)
- Define false positives strings for every configured site individually and globally (wiki/False-positives)
- Define WPScan arguments for every configured site individually and globally (wiki/WPScan-configuration)
- Send WPScan findings to Syslog server (wiki/Syslog-output)
- Save raw WPScan output into files
- The log file can also list all the findings (wiki/Output)
- Speed up scans using several asynchronous workers
- Parse and follow URL redirection if WPScan fails, and propose to ignore the main redirect
- Scan sites continuously at a defined interval and configure the script as a Linux service (wiki/Linux-service)
- Additional alerts depending on finding type (SQL dump, etc.) (match list)
- Keep track of fixed issues
- Simple library usage (wiki/Library-usage)
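The feature list above says WPWatcher splits WPScan's output into alerts, warnings, informations and errors, drops findings that match configured false-positive strings, and raises extra alerts for certain finding types such as an exposed SQL dump. The following is an added example, not WPWatcher's own code, of how such a classification pass can be written over a WPScan JSON report. The report is a constructed sample in the shape of WPScan's `--format json` output; the key names (`version`, `plugins`, `interesting_findings`, `scan_aborted`, `db_export`) and the match list are assumptions, not values taken from WPWatcher.

```python
# Added example (not WPWatcher's own code): sort a WPScan JSON report into
# alerts, warnings, infos and errors, dropping findings that match the
# configured false-positive strings, and promoting listed finding types
# (e.g. a database dump) to alerts. The report below is a constructed sample
# shaped like WPScan's "--format json" output; the key names are assumptions.
import json

# Constructed sample report (not from a real scan).
SAMPLE_REPORT = json.dumps({
    "target_url": "http://exemple.com/",
    "version": {
        "number": "5.2",
        "status": "insecure",
        "vulnerabilities": [{"title": "Sample core vulnerability (constructed)"}],
    },
    "plugins": {
        "wordpress-seo": {
            "version": {"number": "9.0", "vulnerabilities": [
                {"title": "Yoast SEO <= 9.1 - Authenticated Race Condition"},
                {"title": "Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS"},
            ]},
            "outdated": True,
            "latest_version": "14.0",
        },
        "akismet": {"version": {"number": "4.1", "vulnerabilities": []}, "outdated": False},
    },
    "interesting_findings": [
        {"to_s": "Headers", "type": "headers"},
        {"to_s": "http://exemple.com/backup.sql", "type": "db_export"},
    ],
    "scan_aborted": None,
})

# Assumed match list: finding types that are alerts on their own, in the spirit
# of the "additional alerts depending on finding type (SQL dump, etc.)" feature.
ALERT_FINDING_TYPES = {"db_export": "Database dump exposed"}


def is_false_positive(title, false_positive_strings):
    """A finding is ignored when any configured string occurs in its title."""
    return any(fp in title for fp in false_positive_strings)


def classify_report(report_json, false_positive_strings=()):
    """Return {"alerts": [...], "warnings": [...], "infos": [...], "errors": [...]}."""
    report = json.loads(report_json)
    result = {"alerts": [], "warnings": [], "infos": [], "errors": []}

    if report.get("scan_aborted"):
        result["errors"].append("Scan aborted: %s" % report["scan_aborted"])

    # WordPress core: known vulnerabilities are alerts, an old version is a warning.
    core = report.get("version") or {}
    for vuln in core.get("vulnerabilities", []):
        if not is_false_positive(vuln["title"], false_positive_strings):
            result["alerts"].append("Core %s: %s" % (core.get("number"), vuln["title"]))
    if core.get("status") in ("outdated", "insecure"):
        result["warnings"].append("WordPress %s is %s" % (core.get("number"), core["status"]))

    # Plugins: same rule, plus an "outdated" warning per plugin.
    for slug, plugin in report.get("plugins", {}).items():
        version = plugin.get("version") or {}
        for vuln in version.get("vulnerabilities", []):
            if not is_false_positive(vuln["title"], false_positive_strings):
                result["alerts"].append("Plugin %s %s: %s" % (slug, version.get("number"), vuln["title"]))
        if plugin.get("outdated"):
            result["warnings"].append("Plugin %s %s is outdated (latest %s)"
                                      % (slug, version.get("number"), plugin.get("latest_version")))

    # Interesting findings are informational unless their type is on the match list.
    for finding in report.get("interesting_findings", []):
        label = ALERT_FINDING_TYPES.get(finding.get("type"))
        if label:
            result["alerts"].append("%s: %s" % (label, finding.get("to_s")))
        else:
            result["infos"].append(finding.get("to_s"))
    return result


if __name__ == "__main__":
    summary = classify_report(SAMPLE_REPORT, ["Yoast SEO <= 9.1 - Authenticated Race Condition"])
    for level, items in summary.items():
        print(level.upper(), items)
```

With the race-condition title listed as a false positive, the sample yields three alerts (the core issue, the remaining Yoast finding and the exposed dump), two warnings (insecure core, outdated plugin) and one informational entry; a substring match is deliberately used so that one configured string can silence a finding regardless of the version range WPScan prints in the title.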
Prerequisites
- WPScan (itself requires Ruby and some libraries).
- Python 3
Install
With PyPi (stable)
python3 -m pip install 'wpwatcher' --upgrade
Installs WPWatcher without syslog output support.
After installation, wpwatcher should be in your PATH.
Review the Wiki for more documentation.
Try it out
Simple usage
Scan 2 sites with default config.
wpwatcher --url exemple.com exemple1.com
More complete example
Load sites from a text file, add WPScan arguments, follow redirection if WPScan fails, use 5 asynchronous workers, and email custom recipients if there are any alerts, with the full WPScan output attached. If you reach your API limit, the scan waits and continues 24h later.
wpwatcher --urls sites.txt \
--wpscan_args "--force --stealthy --api-token <TOKEN>" \
--follow_redirect \
--workers 5 \
--send --attach \
--email_to collaborator1@office.ca collaborator2@office.ca \
--api_limit_wait
WPWatcher must read a configuration file to send mail reports.
This example assumes you have filled your config file with mail server settings.
Inspect a report in database
wpwatcher --show <site>
Configuration
Select a config file with --conf <file path>. You can specify multiple files; each successive file overwrites the keys set by the previous ones.
Create and edit a new config file from template.
wpwatcher --template_conf > wpwatcher.conf
vim wpwatcher.conf
To load the config file by default, move the file to the following location:
- For Windows: %APPDATA%\.wpwatcher\wpwatcher.conf or %APPDATA%\wpwatcher.conf
- For Mac/Linux: $HOME/.wpwatcher/wpwatcher.conf or $HOME/wpwatcher.conf
See: All configuration options
Configuration example
Sample configuration file with a full-featured wp_sites entry, custom WPScan path and arguments, vuln DB API limit handling, email and syslog reporting:
[wpwatcher]
wp_sites= [ {
"url":"exemple.com",
"email_to":["site_owner@domain.com"],
"false_positive_strings":[
"Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS",
"Yoast SEO <= 9.1 - Authenticated Race Condition"],
"wpscan_args":["--stealthy"]
},
{ "url":"exemple2.com" } ]
wpscan_path=/usr/local/rvm/gems/default/wrappers/wpscan
wpscan_args=[ "--format", "json",
"--no-banner",
"--random-user-agent",
"--disable-tls-checks",
"--api-token", "YOUR_API_TOKEN" ]
api_limit_wait=Yes
send_email_report=Yes
email_to=["me@gmail.com"]
from_email=me@gmail.com
smtp_user=me@gmail.com
smtp_server=smtp.gmail.com:587
smtp_ssl=Yes
smtp_auth=Yes
smtp_pass=P@assW0rd
syslog_server=syslogserver.ca
syslog_port=514
Email reports
One report is generated per site and the reports are sent individually when finished scanning a website.
Questions?
If you have any questions, please create a new issue.
Contribute
If you like the project and think you could help make it better, there are many ways you can do it:
- Create a new issue for a new feature proposal or a bug
- Implement existing issues
- Help with improving the documentation
- Spread the word about the project to your colleagues, friends, blogs or any other channels
- Anything else you could imagine
- Any contribution would be of great help
Running tests
pytest
Authors
- Florian Roth (Original author of WPWatcher v0.2)
- Tristan Landes
Project details
File details
Details for the file wpwatcher-2.4.8.tar.gz.
File metadata
- Download URL: wpwatcher-2.4.8.tar.gz
- Upload date:
- Size: 35.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/50.3.2 requests-toolbelt/0.9.1 tqdm/4.54.1 CPython/3.8.6
File hashes
Algorithm | Hash digest
---|---
SHA256 | f37656d31f2098753cb02499992ca0e52c4904d76b280109dca2c40afdc8032e
MD5 | 5cce0cb151c550af78e4f85f027717b5
BLAKE2b-256 | 0a9f9048bb89e4d1697695555b139d957adb67f78cd654ba30e7453140fa042d
File details
Details for the file wpwatcher-2.4.8-py3-none-any.whl.
File metadata
- Download URL: wpwatcher-2.4.8-py3-none-any.whl
- Upload date:
- Size: 46.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/50.3.2 requests-toolbelt/0.9.1 tqdm/4.54.1 CPython/3.8.6
File hashes
Algorithm | Hash digest
---|---
SHA256 | 0a46d6842e71b26ad723c04efeab5423adc0df449cd6ef21ed3a87ab8a956f47
MD5 | 5f136b762d17321a025adf1ac0e99114
BLAKE2b-256 | 7e461cc419777d344b6acb3934ab1b9269c43c98292e82dbe9b588131cd43d3e