Hungry for more features?
Want to support development?
Upgrade to Pro!
Look-See Security Scanner

Look-See Security Scanner

Look-see Security Scanner is designed to help you quickly and easily spot the sorts of file system irregularities that happen when a site is hacked.

  • Verify the integrity of all core WordPress files, including plugins and themes hosted by WordPress;
  • Search `wp-admin/` and `wp-includes/` for unexpected files;
  • Search `wp-content/uploads/` for hidden scripts;
  • Identify file changes since previous scan;
  • Locate files left over from older versions of WordPress;
  • Analyze configurations for oversights and vulnerabilities;
  • Check uploaded themes and plugins against the WPScan Vulnerabilities Database;

Screenshots

Premium Licensing

Look-see Security Scanner is designed to help you quickly and easily spot the sorts of file system irregularities that happen when a site is hacked.

  • Verify the integrity of all core WordPress files, including plugins and themes hosted by WordPress;
  • Search `wp-admin/` and `wp-includes/` for unexpected files;
  • Search `wp-content/uploads/` for hidden scripts;
  • Identify file changes since previous scan;
  • Locate files left over from older versions of WordPress;
  • Analyze configurations for oversights and vulnerabilities;
  • Check uploaded themes and plugins against the WPScan Vulnerabilities Database;

We hate complicated licensing!, so have kept ours dead simple. All licenses come with free lifetime updates. Single licenses are valid for use on one domain, while Developer licenses can be used on any number of different projects.

For more information about plugin licensing, please have a look at the FAQ.

Changelog

21.1.0
fix Improve recovery cleanup for temporary files and directories.
21.0.5
misc Improve system requirement handling.
21.0.4
misc Performance improvements.
21.0.3
new Update notice for Must-Use installs.
fix Rerun dbDelta if tables are missing.
misc Suppress PHP Intl warning unless site domain appears to be IDN.
21.0.2
misc Update dependencies.
21.0.1
misc Update MIME database.
misc Reduce package size.
21.0.0
new This is a major new release, re-coded from the ground up for better performance and security, and packed with tons of new features. Enjoy!
20.2.0
misc Add an admin notice for users running out-of-support versions of PHP.
misc This will be the last release supporting PHP 5.4+. Future releases will require PHP 5.6+.
20.1.5
fix Additional workaround.
20.1.4
fix Workaround for unreadable files.
20.1.3
new Plugins page links.
new Additional backup file checks.
20.1.2
fix Checksum locale issue.
20.1.1
fix CSS tweaks to make plugin vulnerability history more readable.
fix Better version/locale detection.
fix Pre-scan fail error not always displayed.
new Color-code fixed vulnerabilities.
20.1
misc The plugin has been completely rewritten from the ground up to provide a cleaner interface, faster performance, and more detailed and accurate results.
15.09-4
misc Lower memory usage.
15.09-3
misc Much faster building of obsolete files database.
fix Minor Windows server issue.
15.09-2
fix Better recovery from bad server response.
15.09
new Compare file permissions.
new Show plugin/theme installed version numbers.
misc Code clean-up.
15.08
new Search files for common malware functions.
15.03-2
fix Improve compatibility with InnoDB installations.
15.03
fix Check for existence of MySQL table before prompting to install checksums.
15.02-2
change Small db change.
15.02
misc UX improvements.
misc Code clean-up.
14.12-2
misc Look-See now gets its checksums directly from WordPress, so version support is more or less automatic and includes locale support.
14.12
new Check plugins and themes against WPScan Vulnerability Database.
14.11
new Checksums for WP 4.0.1.
14.09
new Checksums for WP 4.0.
drop Removed support for 3.7.* and 3.8.*.
14.08
new Checksums for WP 3.9.2.
14.05.2
new Checksums for WP 3.7.2 and 3.7.3.
14.05
new Checksums for WP 3.9.1.
14.04.4
new Checksums for WP 3.9.
14.04.3
new Checksums for WP 3.8.3.
14.04
new Checksums for WP 3.8.2.
14.01
new Checksums for WP 3.8.1.
13.12
new Checksums for WP 3.8.
13.11
misc Faster database I/O during scans (~2x faster).
new Option to ignore WP cache files.
misc Updated SSL session analysis.
13.10.3
new Checksums for WP 3.7.1.
drop Dropped compatibility with WordPress 3.5.*.
13.10.2
new Checksums for WP 3.7.
13.10
new Option to scan only core files.
13.09.3
misc Minor branding update.
13.09.2
misc Updated list of old core files, so scan results categorize them as such rather than “suspicious”.
13.09
new Checksums for WP 3.6.1.
13.08.3
fix Undefined variable PHP Notice.
fix Hang in Firefox upon scan completion.
13.08.2
fix Replace deprecated $wpdb->escape() with esc_sql().
13.08
new Checksums for WP 3.6.
13.07
new Checksums for WP 3.5.2.
drop Removed compatibility with WordPress 3.4.2.
13.05
fix Replace a couple functions that are deprecated as of PHP 5.5.0.
13.04
new Added support for InnoDB database engine.
misc Minor speed improvements.
13.01
new Checksums for WP 3.5.1.
misc Changed version naming scheme to YY.MM.
3.5-6
fix Uninstallation now removes all plugin data/settings.
new Prevent installation on WPMU blogs.
fix Use $_SERVER instead of getenv() as it is more compatible across environments.
new Configuration Analysis checks for inactive themes and plugins.
3.5-5
fix Missing files incorrectly shown as being skipped.
new Configuration Analysis checks for phpinfo.php, SSL, WP plugin/theme editor.
misc Code clean-up.
3.5-4
misc Files left over from old WP installations are better explained in results.
new Configuration Analysis looks for oversights and vulnerabilities in configuration.
fix Renamed duplicate form field IDs.
3.5-3
new Setting to ignore files above a certain size.
new Ability to abort scan in progress.
new Ability to re-install WordPress core definitions.
misc Various performance improvements.
fix Better error handling.
3.5-2
fix Potential file name bug.
misc Code clean-up.
3.5
new Checksums for WP 3.5.
3.4.2-7
fix Case-insensitive indexes could prevent scanning all files.
misc File system scanning now roughly 27% faster.
misc Added set_time_limit() to help prevent execution timeouts.
3.4.2-6
misc Dramatically simplified scan process and reporting.
misc Queue-based scanning to improve support with slow servers.
change MD5 checksums are once again used for validating custom content.
3.4.2-5
change Switched from MD5 to CRC32 checksums for the custom file database as the former was simply too slow for many users.
3.4.2-4
fix Disable automatic building of custom file database when missing; operation can take a long time on slow servers.
3.4.2-3
new Automatically build custom file database when missing.
3.4.2-2
fix Bug affecting wp-content/uploads scan when uploads are split into multiple folders.
new Custom content scan.
new Scans now report duration spent in execution.
fix Improved support for Windows servers.
new Last-run timestamp for each scan.
3.4.2
new Look-See is born!