FIXME Le PAD pour proposer une amΓ©lioration Γ  cette page : https://pad.zenk-security.com/p/merci

Des outils pour scanner des CMS

Wordpress

πŸ›  online free scan https://hackertarget.com/wordpress-security-scan/

πŸ›  wpxf - WordPress Exploit Framework https://github.com/rastating/wordpress-exploit-framework

πŸ›  Wp brute force login https://github.com/04x/WpBrute-Priv8

πŸ›  WpscaN Project https://github.com/04x/WpscaN

πŸ›  wpscan , conseil : utilisez wpscan avec une API key de WPVulnDB API https://github.com/wpscanteam/wpscan

πŸ›  wordpresscan https://github.com/swisskyrepo/Wordpresscan

πŸ›  wpseku https://github.com/m4ll0k/WPSeku

πŸ›  zoom https://github.com/gcxtx/Zoom

πŸ›  wordpress-exploit-framework https://github.com/rastating/wordpress-exploit-framework

πŸ›  Vane github: https://github.com/delvelabs/vane

πŸ›  Plescot https://code.google.com/archive/p/plecost/downloads

πŸ›  WPhunter https://github.com/Jamalc0m/wphunter

πŸ›  wpbf - WordPress Brute Force https://github.com/atarantini/wpbf

πŸ›  WPForce https://github.com/n00py/WPForce

πŸ›  WPSploit - Exploiting WordPress With Metasploit. https://github.com/espreto/wpsploit/

πŸ›  WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit

πŸ›  WPSploit - Aggressive regex based code scanner for Wordpress Themes/Plugins. https://github.com/b4dnewz/wpsploit

πŸ›  WordPress-XMLRPC-Brute-Force-Exploit https://github.com/1N3/Wordpress-XMLRPC-Brute-Force-Exploit.git

πŸ›  WordPress Plugin Security Testing Cheat Sheet https://github.com/ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet

πŸ›  Burp WP a.k.a. WordPress Scanner https://github.com/PortSwigger/wordpress-scanner

πŸ›  Burp WP a.k.a. WordPress Scanner https://github.com/kacperszurek/burp_wp

πŸ›  A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed. https://github.com/umutphp/wp-vulnerability-check

πŸ›  wpintel Chrome extension designed for WordPress Vulnerability Scanning and information gathering! https://github.com/Tuhinshubhra/WPintel

πŸ›  [discontinued] Mass exploiter of CVE-2015-1579 for WordPress CMS https://github.com/APT55/WordPressMassExploiter

πŸ›  Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 https://github.com/teambugsbunny/wpUsersScan

πŸ›  Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 - https://github.com/R3K1NG/wpUsersScan

πŸ›  A simple script to check for CVE's for specific WordPress versions, plugins, and themes https://github.com/t0pang4/WordPress-Vulnerability-Scanner

πŸ›  Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service. https://github.com/m3ssap0/wordpress_cve-2018-6389

πŸ›  Wp-sec is an extension for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com. All installed versions of core, plugins and themes can be checked and monitored, so you know when to update your Wordpress installation. https://github.com/markri/wp-sec

πŸ›  Wordpress Scanning, Username Enumeration, Backup Grabbing https://github.com/hudacbr/D-TECT

Drupal

πŸ›  Drupal online free scanner https://hackertarget.com/drupal-security-scan/

πŸ›  DrupalScan https://github.com/rverton/DrupalScan

πŸ›  Drupscan https://github.com/tibillys/drupscan

πŸ›  Droopescan github: https://github.com/droope/droopescan

πŸ›  Drupalgeddon 2 / 3: https://github.com/dreadlocked/Drupalgeddon2 / https://github.com/rithchard/Drupalgeddon3

πŸ›  Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002 : https://github.com/a2u/CVE-2018-7600

πŸ›  RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340

πŸ›  Outils de collecte et d'exploitation d'informations Drupal https://github.com/immunIT/drupwn

Joomla

πŸ›  Online free joomla scan https://hackertarget.com/joomla-security-scan/

πŸ›  Joomscan https://github.com/rezasp/joomscan

πŸ›  Joomlascan https://github.com/drego85/JoomlaScan

πŸ›  JCS https://github.com/TheM4hd1/JCS

πŸ›  Joomlavs https://github.com/rastating/joomlavs.git

πŸ›  OWASP Joomla! vulnerability Scanner https://github.com/PentestBox/OWASP-Joomla-Vulnerability-Scanner

πŸ›  OWASP Joomla! Security Scanner https://sourceforge.net/projects/joomscan/

πŸ›  Jooforce is a small Python application used to test the vulnerability of Joomla installations against brute force attacks. It supports being able to spoof user-agents and has the ability to automatically switch between different proxies to avoid detection. https://github.com/rastating/jooforce

πŸ›  [discontinued] Mass exploiter of CVE 2015-8562 for Joomla! CMS https://github.com/APT55/JoomlaMassExploiter

Django

πŸ›  Application Django pour dΓ©tecter l'exposition d'informations sensibles en raison d'une mauvaise configuration : Https://github.com/6IX7ine/djangohunter

Concrete

πŸ›  Vulnerability scanner and information gatherer for the Concrete5 CMS : https://github.com/0x646e78/c5scan

Discuz

πŸ›  Discuz scanner https://github.com/code-scan/dzscan

Magento

πŸ›  LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner

πŸ›  Magescan https://github.com/steverobbins/magescan https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar

Moodle

πŸ›  Flunym0us https://github.com/fluproject/flunym0us

πŸ›  Mooscan https://web.archive.org/web/20180627174926/https://github.com/vortexau/mooscan

πŸ›  Mooscan https://github.com/C0dak/mooscan

vBulletin

πŸ›  OWASP VBScan is a Black Box vBulletin Vulnerability Scanner https://github.com/rezasp/vbscan

Plone CMS

πŸ›  Security scanner tool for Plone CMS. https://github.com/unweb/plown

SPIP

πŸ›  SPIPScan https://github.com/PaulSec/SPIPScan

Symfony

πŸ›  Enemies Of Symfony (EOS) - EOS loots information from a Symfony target in debug mode https://github.com/lodi-g/eos

πŸ›  Exploits targeting Symfony. See: Symfony's secret fragments https://github.com/ambionics/symfony-exploits

Divers CMS

πŸ›  online free scan https://www.nmmapper.com/tools/reconnaissance-tools/cmseek-scanning/CMS%20Detection%20and%20Exploitation%20suite/

πŸ›  All in one tool for Information Gathering and Vulnerability Scanning https://github.com/nandydark/DARK-EAGLE

πŸ›  CMSmap https://github.com/Dionach/CMSmap

πŸ›  CMSeeK https://github.com/Tuhinshubhra/CMSeeK

πŸ›  ICG-AutoExploiterBoT Wordpress πŸ”₯ Joomla πŸ”₯ Drupal πŸ”₯ OsCommerce πŸ”₯ Prestashop πŸ”₯ Opencart https://github.com/04x/ICG-AutoExploiterBoT

πŸ›  CMSsc4n https://github.com/n4xh4ck5/CMSsc4n

πŸ›  CMS-Scan https://github.com/PortSwigger/cms-scan

πŸ›  wig – WebApp Information Gatherer – Identify CMS. https://github.com/jekyc/wig

πŸ›  web-sorrow https://code.google.com/archive/p/web-sorrow/

πŸ›  SVScanner - Scanner Vulnerability And MaSsive Exploit. https://github.com/radenvodka/SVScanner

πŸ›  CMS exploit framework https://github.com/CHYbeta/cmsPoc

πŸ›  Fingerprinter for CMS https://github.com/boy-hack/gwhatweb

πŸ›  Auto detect CMS and exploit https://github.com/mobrine-mob/M0B-tool

πŸ›  CMS auto detect and exploit https://github.com/MrSqar-Ye/BadMod

πŸ›  Web Recon & Exploitaition Tool. https://github.com/truerandom/crawleet

πŸ›  FazScan is a Perl program to do some vulnerability scanning and pentesting https://github.com/Anon6372098/FazScan

πŸ›  CMS Exploit Framework https://github.com/Q2h1Cg/CMS-Exploit-Framework

πŸ›  Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of CMS https://github.com/anouarbensaad/vulnx

πŸ›  CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues https://github.com/ajinabraham/CMSScan

πŸ›  A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner https://github.com/bahaabdelwahed/killshot

πŸ›  Automated Penetration Testing Framework for Content Management Systems https://github.com/pradeepjairamani/CMS_Striker

πŸ›  Security scanner to find temporary config files that contain passwords on public websites (joomla Wordpress) https://github.com/feross/CMSploit

πŸ›  Test your site to resistance to a bruteforce attack. Joomla, Drupal, WordPress, Magento and DLE bruteforce. https://github.com/TheDevFromKer/CMS-Attack

πŸ›  Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan. https://github.com/stasinopoulos/Jaidam

πŸ›  X Brute Forcer Tool WordPress, Joomla, DruPal, OpenCart, Magento https://github.com/Moham3dRiahi/XBruteForcer

πŸ›  Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development) https://github.com/r3dxpl0it/TheXFramework

πŸ›  WhiteBox CMS analysis https://github.com/Intrinsec/comission

πŸ›  dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS. https://github.com/0verl0ad/Dumb0

πŸ›  This project is designed to enumerate back-end hosting Content Management Systems and aid security professionals in detecting vulnerabilities within them. https://github.com/ptonewreckin/cmsDetector

πŸ›  eZpublish vulnerability scanner https://github.com/thomas-lab/eZscanner

πŸ›  Zombi Bot https://www.sitexploit.me/2019/08/free-zombi-bot-v8-bot-auto-upload-shell.html

πŸ›  ICG-AutoExploiterBoT https://github.com/04x/ICG-AutoExploiterBoT/blob/master/README.md

πŸ›  ICG BOT FULL RECODED. https://github.com/apidotmy/Fuckedz?files=1

πŸ›  M3m0 Tool Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/M3M0

πŸ›  007BOT βš”οΈ Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/007BOT

πŸ›  izocin bot priv8 ..