WordPress is one of the most widely used content management systems (CMS) in the world, powering over 40% of all websites. Its popularity, however, also makes it a frequent target for cyberattacks. Among the most common attack vectors is brute-force login attempts, where automated tools try multiple username and password combinations to gain unauthorized access.
WordPress XML-RPC + WP-LOGIN Bruteforce [10 Macros] v2.11 is a penetration testing tool designed to simulate brute-force attacks on WordPress websites. It focuses on two primary access points:
XML-RPC API: A legacy WordPress interface that allows remote procedure calls. It can be abused for brute-force attacks, especially through the system.multicall function, which enables multiple login attempts in a single request.
WP-LOGIN.php (wp-admin): The standard WordPress login interface, frequently targeted by attackers through dictionary-based or credential stuffing attacks.
4 Shared
Mirrored
Mega Nz
Media Fire
4 Shared
Mirrored
Mega Nz
Media Fire