Security Cipher
Home Blog About Us
Resources β–Ό
πŸ—ΊοΈ Penetration Testing Roadmap 🌐 Web Application Security Checklist πŸ€– OWASP Top 10 for LLM Applications 🧠 LLM AI Security Checklist πŸ› οΈ Security Tools 🎯 Penetration Testing Tricks πŸ“„ Secure Code Explain πŸ“– Vulnerability Explain ☁️ AWS Cloud Security Checklist
My Resume
Contact Us
← Security Tools View on GitHub

WPSpider

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

WPSpider- A WordPress Scanner (version 1.0b)

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility. It has following features:

  1. Login Page-
    • Authentication is required to access the application.
  2. Dashboard Page-
    • On Demand Scan : Run scans instantly by either providing a URL or a text file having multiple URL's seprated by a new line as an input.
    • Scan History : View or delete scan history and reports.
    • Schedule Scan : Configure scans to run automatically, or on a recurring basis just like a cron job in linux.
    • Scheduled Scan History : Edit cron rule or delete any scheduled scan.
  3. Report Page-
    • View or print the details of vulnerabilities discovered after scan completes.

Key Features

* Performs scan for single or multiple WordPress applications asynchronously
* Supports both on demand and scheduled scans (like a cron job)
* Cross-platform application

How to Setup?

* Download and Install Node.js- https://nodejs.org/en/download/
* Install wpscan- https://wpscan.org/
* git clone https://github.com/cyc10n3/WPSpider.git
* cd  WPSpider
* npm install (for installing node modules or dependencies)
* npm start
* Open https://localhost:1337 or https://127.0.0.1:1337 in browser
* Login with default credentials (admin/cyc10n3)

#f03c15 It is recommended to change the login password by modifying config.jsonfile.

Screenshots

Login

Login

Dashboard: On-demand Scan

Dashboard: On-demand Scan

Dashboard: Schedule Scan

Dashboard: Schedule Scan

Scan Report

Scan Report

Known Issues

* Login bruteforce possible

Authors

  • Gaurav Mishra - Initial work - gmishra010@gmail.com

License

This project is licensed under the MIT License - see the LICENSE file for details

Press Escape to close the search panel.

Donate

Buy me a Coffee

Penetration Testing Services - Fiverr

Buy me a Coffee

Penetration Testing Services

penetration Testing Services

Web Application Security Quiz

Web Application Security Quiz

Daily Bug Bounty Writeups - Twitter

Daily Bug Bounty Writeups

Download our Latest Android Application

Guide for Penetration Testing

Daily Bug Bounty Writeups - Telegram

Daily Bug Bounty Writeups

Author

Piyush
Senior Product Security Engineer

Ethical Hacker || Penetration Tester || Gamer || Blogger || Application Security Engineer

READ ARTICLE

Donate

Buy me a Coffee

Recent Posts

  • IDOR Hunting in 2026: A Practical Playbook for Finding Broken Access Control
    IDOR Hunting in 2026: A Practical Playbook for Finding Broken Access Control
    July 10, 2026/
    0 Comments
  • MCP Server Security (2026): A Practical Pentester’s Testing Playbook
    MCP Server Security (2026): A Practical Pentester’s Testing Playbook
    July 8, 2026/
    0 Comments
  • From Prompts to AI Security Loops: A Practical Playbook
    From Prompts to AI Security Loops: A Practical Playbook
    July 7, 2026/
    0 Comments

Follow Us

SecurityCipher

Practical security guides, vulnerability deep-dives, and hands-on resources for bug bounty hunters and penetration testers.

Useful Links

  • Blogs
  • About
  • Contact

Recent Post

  • IDOR Hunting in 2026: A Practical Playbook for Finding Broken Access Control
  • MCP Server Security (2026): A Practical Pentester’s Testing Playbook
  • From Prompts to AI Security Loops: A Practical Playbook
Β© 2026 SecurityCipher. All rights reserved. Privacy Policies Β· Terms & Conditions