diff --git a/README b/README index c55533ba..967a8479 100644 --- a/README +++ b/README @@ -169,12 +169,16 @@ Enumerate instaled plugins... --update | -u Update to the latest revision. --generate_plugin_list [number of pages] Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150) --gpl Alias for --generate_plugin_list +--check-local-vulnerable-files | --clvf Perform a recursive scan in the to find vulnerable files or shells ==WPSTOOLS EXAMPLES== - Generate a new 'most popular' plugin list, up to 150 pages ... ruby wpstools.rb --generate_plugin_list 150 +- Locally scan a wordpress installation for vulnerable files or shells : +ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/ + ===PROJECT HOME=== www.wpscan.org diff --git a/README.md b/README.md index cf994ccf..e498eaf3 100644 --- a/README.md +++ b/README.md @@ -187,6 +187,7 @@ Update WPScan... --update | -u Update to the latest revision. --generate_plugin_list [number of pages] Generate a new data/plugins.txt file. (supply number of *pages* to parse, default : 150) --gpl Alias for --generate_plugin_list + --check-local-vulnerable-files | --clvf Perform a recursive scan in the to find vulnerable files or shells #### WPSTOOLS EXAMPLES @@ -194,6 +195,10 @@ Generate a new 'most popular' plugin list, up to 150 pages... ```ruby wpstools.rb --generate_plugin_list 150``` +Locally scan a wordpress installation for vulnerable files or shells : +```ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/``` + + #### PROJECT HOME www.wpscan.org diff --git a/data/local_vulnerable_files.xml b/data/local_vulnerable_files.xml new file mode 100644 index 00000000..e9f3a65c --- /dev/null +++ b/data/local_vulnerable_files.xml @@ -0,0 +1,39 @@ + + + + + + + + XSS in swfupload.swf + swfupload.swf + http://brindi.si/g/blog/vulnerable-swf-bundled-in-wordpress-plugins.html + + + + diff --git a/lib/environment.rb b/lib/environment.rb index 432ce7a6..f0c7edd5 100644 
--- a/lib/environment.rb +++ b/lib/environment.rb @@ -25,6 +25,7 @@ begin require 'resolv' require 'xmlrpc/client' require 'digest/md5' + require 'digest/sha1' require 'readline' require 'base64' require 'cgi' diff --git a/lib/wpstools/wpstools_helper.rb b/lib/wpstools/wpstools_helper.rb index 4320b268..3ff84bad 100644 --- a/lib/wpstools/wpstools_helper.rb +++ b/lib/wpstools/wpstools_helper.rb @@ -28,19 +28,22 @@ def usage() puts "Examples:" puts puts "- Generate a new 'most popular' plugin list, up to 150 pages ..." - puts "ruby " + script_name + " --generate_plugin_list 150" + puts "ruby #{script_name} --generate_plugin_list 150" puts puts "- Generate a new full plugin list" - puts "ruby " + script_name + " --generate_full_plugin_list" + puts "ruby #{script_name} --generate_full_plugin_list" puts puts "- Generate a new 'most popular' theme list, up to 150 pages ..." - puts "ruby " + script_name + " --generate_theme_list 150" + puts "ruby #{script_name} --generate_theme_list 150" puts puts "- Generate a new full theme list" - puts "ruby " + script_name + " --generate_full_theme_list" + puts "ruby #{script_name} --generate_full_theme_list" puts puts "- Generate all list" - puts "ruby " + script_name + " --generate_all" + puts "ruby #{script_name} --generate_all" + puts + puts "Locally scan a wordpress installation for vulnerable files or shells" + puts "ruby #{script_name} --check-local-vulnerable-files /var/www/wordpress/" puts puts "See README for further information." puts @@ -63,5 +66,6 @@ def help() puts "--generate_all Generate a new full plugins, full themes, popular plugins and popular themes list" puts "--ga Alias for --generate_all" puts "--check-vuln-ref-urls | --cvru Check all the vulnerabilities reference urls for 404" + puts "--check-local-vulnerable-files | --clvf Perform a recursive scan in the to find vulnerable files or shells" puts end diff --git a/wpstools.rb b/wpstools.rb index d7a50cf0..de3e9a61 100755 --- a/wpstools.rb +++ b/wpstools.rb 
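Review bot: The new example added to usage() is printed without the `- ` prefix that every other example line in the same method carries, so the list reads inconsistently on the terminal. Suggest `puts "- Locally scan a wordpress installation for vulnerable files or shells"` to match `puts "- Generate all list"` directly above it. The example path `/var/www/wordpress/` is fine, but since the option takes a required directory argument it would help to say so in the example text as well. The `def usage()` line itself is outside the hunk.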
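Review bot: The help line added to help() has a grammatical hole ("a recursive scan in the to find"), and this is the text users see with `--help`; the same wording is copied verbatim into both README files. Suggest `puts "--check-local-vulnerable-files <dir> | --clvf <dir> Perform a recursive scan of <dir> to find vulnerable files or shells"`, which also makes the required argument visible the way `--generate_plugin_list [number of pages]` does a few lines up. The `def help()` line is outside the hunk.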
@@ -46,7 +46,9 @@ begin ["--ga", GetoptLong::OPTIONAL_ARGUMENT], # Alias for --generate_all ["--update", "-u", GetoptLong::NO_ARGUMENT], ["--check-vuln-ref-urls", GetoptLong::NO_ARGUMENT], - ["--cvru", GetoptLong::NO_ARGUMENT] # Alias for --check-vuln-ref-urls + ["--cvru", GetoptLong::NO_ARGUMENT], # Alias for --check-vuln-ref-urls + ["--check-local-vulnerable-files", GetoptLong::REQUIRED_ARGUMENT], + ["--clvf", GetoptLong::REQUIRED_ARGUMENT] # Alias for --check-local-vulnerable-files ) options.each do |option, argument| @@ -88,6 +90,9 @@ begin @generate_full_plugin_list = true when "--check-vuln-ref-urls", "--cvru" @check_vuln_ref_urls = true + when "--check-local-vulnerable-files", "--clvf" + @check_local_vulnerable_files = true + @dir_to_scan = argument end end 
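Review bot: The new option and its alias are registered as two separate GetoptLong entries, while the `["--update", "-u", GetoptLong::NO_ARGUMENT]` line directly above shows the combined form that GetoptLong supports. A single entry `["--check-local-vulnerable-files", "--clvf", GetoptLong::REQUIRED_ARGUMENT]` would report the canonical name in the `options.each` loop, so the second hunk's `when` would only need `"--check-local-vulnerable-files"`. This is a style point only — the separate-entry form is what `--cvru` already uses, so either convention is acceptable if applied consistently. The `begin` block these hunks sit in starts before the first hunk.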
@@ -179,6 +184,57 @@ begin end end + if @check_local_vulnerable_files + if Dir::exist?(@dir_to_scan) + local_hashes = {} + xml_file = DATA_DIR + "/local_vulnerable_files.xml" + + print "[+] Generating local hashes ... " + + Dir[File::join(@dir_to_scan, "**", "*.{js,php,swf}")].each do |filename| + sha1sum = Digest::SHA1.file(filename).hexdigest + + if local_hashes.has_key?(sha1sum) + local_hashes[sha1sum] << filename + else + local_hashes[sha1sum] = [filename] + end + end + + puts "done." + + puts "[+] Checking for vulnerable files ..." + + xml = Nokogiri::XML(File.open(xml_file)) do |config| + config.noblanks + end + + xml.xpath("//hash").each do |node| + sha1sum = node.attribute("sha1").text + + if local_hashes.has_key?(sha1sum) + local_filenames = local_hashes[sha1sum] + vuln_title = node.search("title").text + vuln_filename = node.search("file").text + vuln_refrence = node.search("reference").text + + puts " #{vuln_filename} found :" + puts " | Location(s):" + local_filenames.each do |file| + puts " | - #{file}" + end + puts " | Title: #{vuln_title}" + puts " | Refrence: #{vuln_refrence}" + end + end + + puts "done." + + else + puts "The supplied directory '#{@dir_to_scan}' does not exist" + end + end + rescue => e puts "[ERROR] #{e.message}" puts "Trace :"
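Review bot: The recursive glob in the hash-generation loop skips dot-prefixed files and directories, because `Dir[]` does not match a leading dot unless `File::FNM_DOTMATCH` is passed, so a shell dropped as `.cache.php` or anywhere under a hidden directory is never hashed even though the feature advertises finding shells. A directory whose name happens to end in `.php`, or a file the scanning user cannot read, makes `Digest::SHA1.file` raise, and the `rescue => e` visible at the end of the hunk then aborts the whole scan instead of skipping that entry. Detection is an exact SHA1 match against data/local_vulnerable_files.xml, so a modified copy of a listed file is missed; that deserves a comment on the comparison loop such as `# exact-hash match only: edited or repacked copies of listed files are not detected`. Smaller points: the `puts " | Refrence: ..."` output has a typo (`Reference`), and `File.open(xml_file)` is never closed — `File.read(xml_file)` would do. The reworked hashing loop is below; the enclosing `begin` block starts before the hunk.
```ruby
# … unchanged: Dir.exist? check, local_hashes / xml_file setup, "Generating local hashes" banner …
# FNM_DOTMATCH: Dir[] ignores dot-prefixed names by default, which is where dropped shells tend to hide.
Dir.glob(File.join(@dir_to_scan, "**", "*.{js,php,swf}"), File::FNM_DOTMATCH).each do |filename|
  next unless File.file?(filename)   # a directory named e.g. foo.php also matches the glob
  begin
    sha1sum = Digest::SHA1.file(filename).hexdigest
  rescue SystemCallError => e
    puts "[!] Skipping #{filename}: #{e.message}"   # unreadable entry: report it, keep scanning
    next
  end
  (local_hashes[sha1sum] ||= []) << filename
end
# … unchanged: XML load and hash comparison …
```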