FIXME **Le PAD pour proposer une amΓ©lioration Γ  cette page :** https://pad.zenk-security.com/p/merci ====== Des outils pour scanner des CMS ====== **Wordpress** πŸ›  online free scan https://hackertarget.com/wordpress-security-scan/ πŸ›  wpxf - WordPress Exploit Framework https://github.com/rastating/wordpress-exploit-framework πŸ›  Wp brute force login https://github.com/04x/WpBrute-Priv8 πŸ›  WpscaN Project https://github.com/04x/WpscaN πŸ›  wpscan , conseil : utilisez wpscan avec une API key de WPVulnDB API https://github.com/wpscanteam/wpscan πŸ›  wordpresscan https://github.com/swisskyrepo/Wordpresscan πŸ›  wpseku https://github.com/m4ll0k/WPSeku πŸ›  zoom https://github.com/gcxtx/Zoom πŸ›  wordpress-exploit-framework https://github.com/rastating/wordpress-exploit-framework πŸ›  Vane github: https://github.com/delvelabs/vane πŸ›  Plescot https://code.google.com/archive/p/plecost/downloads πŸ›  WPhunter https://github.com/Jamalc0m/wphunter πŸ›  wpbf - WordPress Brute Force https://github.com/atarantini/wpbf πŸ›  WPForce https://github.com/n00py/WPForce πŸ›  WPSploit - Exploiting WordPress With Metasploit. https://github.com/espreto/wpsploit/ πŸ›  WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit πŸ›  WPSploit - Aggressive regex based code scanner for Wordpress Themes/Plugins. https://github.com/b4dnewz/wpsploit πŸ›  WordPress-XMLRPC-Brute-Force-Exploit https://github.com/1N3/Wordpress-XMLRPC-Brute-Force-Exploit.git πŸ›  WordPress Plugin Security Testing Cheat Sheet https://github.com/ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet πŸ›  Burp WP a.k.a. WordPress Scanner https://github.com/PortSwigger/wordpress-scanner πŸ›  Burp WP a.k.a. WordPress Scanner https://github.com/kacperszurek/burp_wp πŸ›  A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed. https://github.com/umutphp/wp-vulnerability-check πŸ›  wpintel Chrome extension designed for WordPress Vulnerability Scanning and information gathering! https://github.com/Tuhinshubhra/WPintel πŸ›  [discontinued] Mass exploiter of CVE-2015-1579 for WordPress CMS https://github.com/APT55/WordPressMassExploiter πŸ›  Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 https://github.com/teambugsbunny/wpUsersScan πŸ›  Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 - https://github.com/R3K1NG/wpUsersScan πŸ›  A simple script to check for CVE's for specific WordPress versions, plugins, and themes https://github.com/t0pang4/WordPress-Vulnerability-Scanner πŸ›  Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service. https://github.com/m3ssap0/wordpress_cve-2018-6389 πŸ›  Wp-sec is an extension for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com. All installed versions of core, plugins and themes can be checked and monitored, so you know when to update your Wordpress installation. https://github.com/markri/wp-sec πŸ›  Wordpress Scanning, Username Enumeration, Backup Grabbing https://github.com/hudacbr/D-TECT **Drupal** πŸ›  Drupal online free scanner https://hackertarget.com/drupal-security-scan/ πŸ›  DrupalScan https://github.com/rverton/DrupalScan πŸ›  Drupscan https://github.com/tibillys/drupscan πŸ›  Droopescan github: https://github.com/droope/droopescan πŸ›  Drupalgeddon 2 / 3: https://github.com/dreadlocked/Drupalgeddon2 / https://github.com/rithchard/Drupalgeddon3 πŸ›  Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002 : https://github.com/a2u/CVE-2018-7600 πŸ›  RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340 πŸ›  Outils de collecte et d'exploitation d'informations Drupal https://github.com/immunIT/drupwn **Joomla** πŸ›  Online free joomla scan https://hackertarget.com/joomla-security-scan/ πŸ›  Joomscan https://github.com/rezasp/joomscan πŸ›  Joomlascan https://github.com/drego85/JoomlaScan πŸ›  JCS https://github.com/TheM4hd1/JCS πŸ›  Joomlavs https://github.com/rastating/joomlavs.git πŸ›  OWASP Joomla! vulnerability Scanner https://github.com/PentestBox/OWASP-Joomla-Vulnerability-Scanner πŸ›  OWASP Joomla! Security Scanner https://sourceforge.net/projects/joomscan/ πŸ›  Jooforce is a small Python application used to test the vulnerability of Joomla installations against brute force attacks. It supports being able to spoof user-agents and has the ability to automatically switch between different proxies to avoid detection. https://github.com/rastating/jooforce πŸ›  [discontinued] Mass exploiter of CVE 2015-8562 for Joomla! CMS https://github.com/APT55/JoomlaMassExploiter **Django** πŸ›  Application Django pour dΓ©tecter l'exposition d'informations sensibles en raison d'une mauvaise configuration : Https://github.com/6IX7ine/djangohunter **Concrete** πŸ›  Vulnerability scanner and information gatherer for the Concrete5 CMS : https://github.com/0x646e78/c5scan **Discuz** πŸ›  Discuz scanner https://github.com/code-scan/dzscan **Magento** πŸ›  LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner πŸ›  Magescan https://github.com/steverobbins/magescan https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar **Moodle** πŸ›  Flunym0us https://github.com/fluproject/flunym0us πŸ›  Mooscan https://web.archive.org/web/20180627174926/https://github.com/vortexau/mooscan πŸ›  Mooscan https://github.com/C0dak/mooscan **vBulletin ** πŸ›  OWASP VBScan is a Black Box vBulletin Vulnerability Scanner https://github.com/rezasp/vbscan **Plone CMS** πŸ›  Security scanner tool for Plone CMS. https://github.com/unweb/plown **SPIP** πŸ›  SPIPScan https://github.com/PaulSec/SPIPScan **Symfony** πŸ›  Enemies Of Symfony (EOS) - EOS loots information from a Symfony target in debug mode https://github.com/lodi-g/eos πŸ›  Exploits targeting Symfony. See: Symfony's secret fragments https://github.com/ambionics/symfony-exploits **Divers CMS** πŸ›  online free scan https://www.nmmapper.com/tools/reconnaissance-tools/cmseek-scanning/CMS%20Detection%20and%20Exploitation%20suite/ πŸ›  All in one tool for Information Gathering and Vulnerability Scanning https://github.com/nandydark/DARK-EAGLE πŸ›  CMSmap https://github.com/Dionach/CMSmap πŸ›  CMSeeK https://github.com/Tuhinshubhra/CMSeeK πŸ›  ICG-AutoExploiterBoT Wordpress πŸ”₯ Joomla πŸ”₯ Drupal πŸ”₯ OsCommerce πŸ”₯ Prestashop πŸ”₯ Opencart https://github.com/04x/ICG-AutoExploiterBoT πŸ›  CMSsc4n https://github.com/n4xh4ck5/CMSsc4n πŸ›  CMS-Scan https://github.com/PortSwigger/cms-scan πŸ›  wig – WebApp Information Gatherer – Identify CMS. https://github.com/jekyc/wig πŸ›  web-sorrow https://code.google.com/archive/p/web-sorrow/ πŸ›  SVScanner - Scanner Vulnerability And MaSsive Exploit. https://github.com/radenvodka/SVScanner πŸ›  CMS exploit framework https://github.com/CHYbeta/cmsPoc πŸ›  Fingerprinter for CMS https://github.com/boy-hack/gwhatweb πŸ›  Auto detect CMS and exploit https://github.com/mobrine-mob/M0B-tool πŸ›  CMS auto detect and exploit https://github.com/MrSqar-Ye/BadMod πŸ›  Web Recon & Exploitaition Tool. https://github.com/truerandom/crawleet πŸ›  FazScan is a Perl program to do some vulnerability scanning and pentesting https://github.com/Anon6372098/FazScan πŸ›  CMS Exploit Framework https://github.com/Q2h1Cg/CMS-Exploit-Framework πŸ›  Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of CMS https://github.com/anouarbensaad/vulnx πŸ›  CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues https://github.com/ajinabraham/CMSScan πŸ›  A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner https://github.com/bahaabdelwahed/killshot πŸ›  Automated Penetration Testing Framework for Content Management Systems https://github.com/pradeepjairamani/CMS_Striker πŸ›  Security scanner to find temporary config files that contain passwords on public websites (joomla Wordpress) https://github.com/feross/CMSploit πŸ›  Test your site to resistance to a bruteforce attack. Joomla, Drupal, WordPress, Magento and DLE bruteforce. https://github.com/TheDevFromKer/CMS-Attack πŸ›  Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan. https://github.com/stasinopoulos/Jaidam πŸ›  X Brute Forcer Tool WordPress, Joomla, DruPal, OpenCart, Magento https://github.com/Moham3dRiahi/XBruteForcer πŸ›  Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development) https://github.com/r3dxpl0it/TheXFramework πŸ›  WhiteBox CMS analysis https://github.com/Intrinsec/comission πŸ›  dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS. https://github.com/0verl0ad/Dumb0 πŸ›  This project is designed to enumerate back-end hosting Content Management Systems and aid security professionals in detecting vulnerabilities within them. https://github.com/ptonewreckin/cmsDetector πŸ›  eZpublish vulnerability scanner https://github.com/thomas-lab/eZscanner πŸ›  Zombi Bot https://www.sitexploit.me/2019/08/free-zombi-bot-v8-bot-auto-upload-shell.html πŸ›  ICG-AutoExploiterBoT https://github.com/04x/ICG-AutoExploiterBoT/blob/master/README.md πŸ›  ICG BOT FULL RECODED. https://github.com/apidotmy/Fuckedz?files=1 πŸ›  M3m0 Tool Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/M3M0 πŸ›  007BOT βš”οΈ Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/007BOT πŸ›  izocin bot priv8 ..