Introducing WPHackCebola, the CloudFest 2023 Codeable experts hackathon project.

Designed to enhance your website’s security, WPHackCebola uses dynamic analysis to detect potential security vulnerabilities in WordPress installations running within containers.

Inspired by the wpgarlic proof-of-concept article, we’ve taken our approach further by simulating bogus requests and identifying where they produce unexpected output.

How it works

With our dynamic tool, you can test your website against vulnerabilities that may exist within your plugins.

ANALYZE
INTERCEPT
DETECT

Our PHP command analyzes your plugin’s behavior and the data it accesses, including GET and POST parameters. We then inject our tool into your plugin’s cores, allowing us to intercept and retrieve data, send requests, and intercept function properties and return values. This helps us detect any unescaped output or leaked internal data, providing you with greater protection against potential security threats.

The Team

Created with by Codeable Experts @ CloudFest Hackathon 2023

Processed with VSCO with e2 preset

Proudly powered by WordPress and hosted on Indystack