WPUserFinder is an Open-Source Intelligence (OSINT) tool that helps you find registered users on a WordPress website. It uses the WordPress REST API to fetch user data and can also check for authors.
- Fetches user data from a WordPress website using the WordPress REST API.
- Checks for a specific number of users as specified by the user.
- Checks for authors on the WordPress website.
- Uses sessions, cookies, and a generic user agent to mimic a real user and bypass basic security checks.
- Option to save the results to a text file.
- The tool first validates the URL and the number of users to check entered by the user.
- It then creates a session using Python's
requests
library. This session is used for all subsequent requests to the website. - For each user ID from 1 to the specified number, the tool sends a GET request to the WordPress REST API endpoint (
/wp-json/wp/v2/users/{user_id}
). - If a user is found, the tool prints the user information and also writes it to a file if the user chose to save the results.
- The tool also checks for authors on the website by sending a GET request to the
/wp-json/wp/v2/users
endpoint. - If any authors are found, their information is also printed and written to the file.
This tool requires Python 3 and the requests
library. You can install the requests
library using pip:
pip install requests
- Clone the repository:
git clone https://github.com/iNeerajSihag/WPUserFinder.git
- Navigate to the cloned repository:
cd WPUserFinder
- Install dependencies :
pip install requests
orpip install -r requirements.txt
- Run the tool:
python main.py
orpython3 main.py
- Follow the prompts to enter the URL of the WordPress website and the number of users to check.
Neeraj Sihag - (github.com/iNeerajSihag)
This tool is for educational purposes only. The author is not responsible for any misuse of this tool. Always get proper authorization before testing a website.