OWASP wpBullet


Project About

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: WpBullet
Purpose: wpBullet is a source code analysis framework capable of identifying security flaws in WordPress extensions (themes & plugins) or any other codebase which uses WordPress API functions.
License: GNU General Public License v2.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
  • Nikola Gigic
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: [Not yet released View]
Main links:
Key Contacts
current release
The current release can be found in the GitHub repository
last reviewed release
The last reviewed release can be found in the GitHub repository

other releases


OWASP wpBullet is open-source software developed for identifying security vulnerabilities in WordPress plugins and themes. It was built on flexible patterns so that new detection rules are easy to create. Besides analyzing source code for vulnerabilities, the tool also maps all exposed hooks, which gives a researcher a good starting point for where to look for flaws.


This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License 2.0 as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. Copyright © by Luka Sikic 2019.


As of July 2019, the highest priorities for the next 6 months are:

  • Reduce the number of false-positive results
  • Add checks for nonce verification and user capability/permission checks
  • Make output more user-friendly
  • Add support for results output in HTML format

Getting Involved

You can contribute to the project through its GitHub repository. If you have any questions, feel free to reach out at luka [ at ] sikic.eu

Project Leader

Luka Sikic


Project Type: Tool
Incubator Project