-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wordpress Security Scanner #66
Conversation
Hey @kazet what do you think about this tool for Artemis? Anything i can improve on the code or do you think it is not that interesting because you got other wordpress tools? |
Hello, First, sorry for the significant delay in getting back to you! In Artemis we already have a module that checks whether WordPress plugins are up-to-date, but this one gives you one more thing - vulnerability information from WPScan, so it would be a good idea to add such a feature. Because wpscan is not open source (https://github.com/wpscanteam/wpscan/blob/master/LICENSE) I need to check with our legal team how to solve this - I'll get back to you on Friday (February 23). |
Hello, getting back to you! We will be able to merge the wpscan module after adding some kind of a disclaimer that describes the terms to run wpscan, links to the license etc. - we will propose something next week. Would it be possible for you to add reporting capabilities to this PR, so that issues found by wpscan are added to the reports generated by Artemis? |
Yes i will work on that and improve the pull request 👍🏻 |
Hello, made some minor improvements, e.g. improved the report grammar, added license disclaimer and due to wpscan non-standard license made the module disabled by default. Please make sure the PR is still consistent with your vision and if it still is, let me know - we will merge ;) Sorry again that it took so long! |
😄 I would love if you merge the branch. |
This pull request adds the "WP-Scan" module to Artemis. github.com/wpscanteam/wpscan
WP-Scan is an open-source WordPress security scanner designed to identify vulnerabilities and security issues within WordPress installations.
Additionally, you can enhance the module's functionality by adding your official WPScan API key to a
WPSCAN_API_KEY
variable in theExtraModulesConfig
class. This allows Artemis to also query the official WPScan API.Please review the changes and let me know if you have any concerns or suggestions for improvement.