Launching today

WP-Hunter
WP plugin recon & SAST tool for security researchers.
4 followers
WP-Hunter is a powerful reconnaissance and SAST tool for WordPress plugins and themes. It goes beyond basic scanning with heuristic vulnerability probability scoring (VPS) to help prioritize high-risk targets. Features include a real-time Web Dashboard, offline recon via local database sync, and deep Semgrep-based code analysis. Built for bug bounty hunters and pentesters. 🚀 Soon: AI-powered source code analysis for smarter detection.

Hello Product Hunt! 👋 I'm Ali, the creator of WP-Hunter.
As a pentester and bug bounty hunter, I realized that finding vulnerabilities in the massive WordPress ecosystem requires more than just basic scanning. That's why I built WP-Hunter!
It combines metadata analysis, heuristic risk scoring (VPS), and Semgrep-powered deep SAST into one open-source tool. It also features a modern Web Dashboard and offline recon capabilities by syncing the plugin catalog locally.
Whether you are looking for "zombie" abandoned plugins or complex vulnerabilities, WP-Hunter is designed to make the recon phase much faster and smarter.
I'm actively developing it and would absolutely love to hear your feedback, feature requests, or answer any questions you might have! 🚀
- https://github.com/xeloxa/wp-hunter
- https://www.producthunt.com/products/wp-hunter
@xeloxa When will the AI support you planned arrive?