<h1 align="center">
<img src="https://wpwatcher.readthedocs.io/en/latest/_static/logo.png" width="250" />
</h1>
<p align="center">
WPWatcher - Automating <a href="https://wpscan.org/" title="homepage" target="_blank">WPScan</a> to scan and report vulnerable WordPress sites
<br>
</p>
<p align="center">
Wordpress Watcher is a wrapper for WPScan that manages scans on multiple sites and reports by email and/or syslog.
Schedule scans and get notified when vulnerabilities, outdated plugins and other risks are found.
</p>
## Features
- Scan **multiple sites** with WPScan
- **Parse WPScan output** and divide the results into *"Alerts"*, *"Warnings"* and *"Informations"*
- **Handle the VulnDB API limit**
- Define **reporting email addresses** for every configured site individually and globally
- Define **false positive strings** for every configured site individually and globally
- Define **WPScan arguments** for every configured site individually and globally
- Send WPScan findings to **Syslog** server
- Save raw WPScan output into files
- Log file lists all the findings
- Speed up scans using several asynchronous workers
- **Follow URL redirection** if WPScan fails and offer to ignore the main redirect
- Scan sites continuously at a defined interval and configure the script as a Linux service
- Additional alerts depending on finding type (SQL dump, etc.)
- Keep track of fixed and unfixed issues
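
The triage and false positive features listed above, sketched as an added example (this is not WPWatcher's own parser). It assumes WPScan's JSON report layout (`version`, `plugins`, `interesting_findings`); the `triage` function, the severity mapping and the sample data are constructed for illustration.

```python
# Constructed sample shaped like WPScan's JSON report (--format json); not real scan data.
SAMPLE = {
    "version": {"number": "5.1", "status": "insecure", "vulnerabilities": []},
    "plugins": {
        "contact-form": {
            "outdated": True,
            "latest_version": "2.4",
            "vulnerabilities": [
                {"title": "Contact Form < 2.3 - Stored XSS"},
                {"title": "Contact Form < 1.9 - CSRF"},
            ],
        }
    },
    "interesting_findings": [{"to_s": "XML-RPC seems to be enabled"}],
}


def triage(scan, global_fp=(), site_fp=()):
    """Sort findings into alerts/warnings/infos; false positive matches go to 'ignored'."""
    # Empty strings are skipped: "" is a substring of everything and would hide all findings.
    ignore = [s.lower() for s in (*global_fp, *site_fp) if s]
    report = {"alerts": [], "warnings": [], "infos": [], "ignored": []}

    def add(level, message):
        # Suppressed findings are kept aside rather than dropped, so they stay auditable.
        if any(s in message.lower() for s in ignore):
            level = "ignored"
        report[level].append(message)

    core = scan.get("version") or {}
    if core:
        level = "warnings" if core.get("status") in ("insecure", "outdated") else "infos"
        add(level, f"WordPress {core.get('number')} is {core.get('status')}")
        for vuln in core.get("vulnerabilities", []):
            add("alerts", f"core: {vuln['title']}")
    for slug, plugin in (scan.get("plugins") or {}).items():
        if plugin.get("outdated"):
            add("warnings", f"{slug}: outdated, latest is {plugin.get('latest_version')}")
        for vuln in plugin.get("vulnerabilities", []):
            add("alerts", f"{slug}: {vuln['title']}")
    for finding in scan.get("interesting_findings", []):
        add("infos", finding.get("to_s", ""))
    return report


if __name__ == "__main__":
    # The global string applies to every site; the per-site one only to this scan.
    result = triage(SAMPLE, global_fp=["XML-RPC"], site_fp=["< 1.9 - CSRF"])
    for level, items in result.items():
        print(level.upper(), items)
```

Keeping suppressed findings in their own bucket makes an overly broad false positive string visible in the report instead of silently hiding alerts.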
## Documentation
[Read The Docs](https://wpwatcher.readthedocs.io/en/latest/).
## Usage example
Scan two sites, add WPScan arguments, follow URL redirection and email the report to recipients. If you reach your API limit, it will wait and continue 24h later.
```bash
wpwatcher --url exemple.com exemple1.com \
--wpscan_args "--force --stealthy --api-token <TOKEN>" \
--follow_redirect --api_limit_wait \
--send --infos --email_to you@office.ca me@office.ca
```
WPWatcher must read a configuration file to send mail reports. This example assumes you have filled in your config file with mail server settings.
## Emails
Sample email report.
![WPWatcher Report](https://github.com/tristanlatr/WPWatcher/raw/master/docs/source/_static/wpwatcher-report.png "WPWatcher Report")
## Authors
- Florian Roth (Original author of [WPWatcher v0.2](https://github.com/Neo23x0/WPWatcher))
- Tristan Landes
## Disclaimer
Use at your own risk.
Raw data
{
"_id": null,
"home_page": "https://github.com/tristanlatr/WPWatcher",
"name": "wpwatcher",
"maintainer": "Florian Roth, Tristan Landes",
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": "",
"keywords": "wpscan auto multiple bulk batch scan wordpress email report alerts warnings service automate mass vulnerable sites asynchronous syslog",
"author": "",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/4c/c7/1654616a497acca3ad951d6f26ac3fb44fc5adab162162619d25696b8f8b/wpwatcher-3.0.7.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "Apache License 2.0",
"summary": "WPWatcher - Automating WPScan to scan and report vulnerable Wordpress sites",
"version": "3.0.7",
"project_urls": {
"Homepage": "https://github.com/tristanlatr/WPWatcher"
},
"split_keywords": [
"wpscan",
"auto",
"multiple",
"bulk",
"batch",
"scan",
"wordpress",
"email",
"report",
"alerts",
"warnings",
"service",
"automate",
"mass",
"vulnerable",
"sites",
"asynchronous",
"syslog"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "365e367df274113d811fc8c231163ce370eae4ca79389fda353a13ef4c3937d8",
"md5": "86068e09a290f30a417a87c1effa0029",
"sha256": "61ce7382f01aa24fb03637e77bcbd0990e533782f228c1e28c3139d2c28631a4"
},
"downloads": -1,
"filename": "wpwatcher-3.0.7-py3-none-any.whl",
"has_sig": false,
"md5_digest": "86068e09a290f30a417a87c1effa0029",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 50983,
"upload_time": "2023-05-09T14:26:53",
"upload_time_iso_8601": "2023-05-09T14:26:53.471733Z",
"url": "https://files.pythonhosted.org/packages/36/5e/367df274113d811fc8c231163ce370eae4ca79389fda353a13ef4c3937d8/wpwatcher-3.0.7-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "4cc71654616a497acca3ad951d6f26ac3fb44fc5adab162162619d25696b8f8b",
"md5": "da537242170dc02b9072c736be5cdbf8",
"sha256": "aca40c5fb9eeb3356111d7c22c824c3fdc9e1bd4dfcca3c5096098ade31adb91"
},
"downloads": -1,
"filename": "wpwatcher-3.0.7.tar.gz",
"has_sig": false,
"md5_digest": "da537242170dc02b9072c736be5cdbf8",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 42072,
"upload_time": "2023-05-09T14:26:55",
"upload_time_iso_8601": "2023-05-09T14:26:55.239989Z",
"url": "https://files.pythonhosted.org/packages/4c/c7/1654616a497acca3ad951d6f26ac3fb44fc5adab162162619d25696b8f8b/wpwatcher-3.0.7.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-05-09 14:26:55",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "tristanlatr",
"github_project": "WPWatcher",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "wpwatcher"
}