mcdruid / wapuu-the-ripper
A password cracker for WordPress
Installs: 8
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 0
Type:wp-cli-package
pkg:composer/mcdruid/wapuu-the-ripper
Requires
- wp-cli/wp-cli: >=2.0
Requires (Dev)
- behat/behat: ~2.5
This package is not auto-updated.
Last update: 2025-12-27 17:25:36 UTC
README
A password cracker for WordPress (WP-CLI)
Quick links: Using | Installing | Credits
Using
NAME
wp wtr
DESCRIPTION
Wapuu the Ripper - a tool to crack user passwords.
SYNOPSIS
wp wtr [--role=<role>] [--<field>=<value>] [--top=<top>] [--all] [--hide] [--no-guessing]
Based on Drop the Ripper for Drupal.
Users can be filtered via arguments supported by WP_User_Query().
OPTIONS
[--role=<role>]
Only check users with a certain role.
[--<field>=<value>]
Filter users by one or more arguments of WP_User_Query().
[--top=<top>]
Use the top x passwords from the wordlist (default is 25).
[--all]
Use all of the passwords from the wordlist.
[--hide]
Do not show plaintext passwords in output.
[--no-guessing]
Disables built-in password guessing (e.g. username as password).
[--wordlist=<wordlist>]
Path to a custom wordlist (default is openwall's password list).
EXAMPLES
wp wtr
wp wtr --top=100 --role=administrator
wp wtr --all --role__not_in=subscriber
wp wtr --exclude=1 --hide
wp wrt --wordlist=/tmp/rockyou.txt --include=2,3,4
Installing
You can install this package with:
wp package install git@github.com:mcdruid/wapuu-the-ripper.git
Credits
- WtR uses a default wordlist from http://www.openwall.com/wordlists
- https://ayesh.me/ for suggesting the name!