Outils d'utilisateurs

Outils du Site


des_outils_pour_scanner_des_cms

Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

Lien vers cette vue

des_outils_pour_scanner_des_cms [2019/09/14 23:24]
M0N5T3R
des_outils_pour_scanner_des_cms [2022/12/14 09:13] (Version actuelle)
M0N5T3R
Ligne 1: Ligne 1:
 +FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci
 +
 +
 +====== Des outils pour scanner des CMS ======
  
  
 **Wordpress** **Wordpress**
 +
 +🛠 online free scan https://hackertarget.com/wordpress-security-scan/
 +
 +🛠 wpxf - WordPress Exploit Framework https://github.com/rastating/wordpress-exploit-framework
 +
 +🛠 Wp brute force login https://github.com/04x/WpBrute-Priv8
  
 🛠 WpscaN Project https://github.com/04x/WpscaN 🛠 WpscaN Project https://github.com/04x/WpscaN
  
-🛠 wpscan https://github.com/wpscanteam/wpscan+🛠 wpscan , conseil : utilisez wpscan avec une API key de WPVulnDB API  https://github.com/wpscanteam/wpscan
  
 🛠 wordpresscan https://github.com/swisskyrepo/Wordpresscan 🛠 wordpresscan https://github.com/swisskyrepo/Wordpresscan
Ligne 25: Ligne 35:
 🛠  WPForce https://github.com/n00py/WPForce 🛠  WPForce https://github.com/n00py/WPForce
  
-🛠 WPSploit - Exploiting WordPress With Metasploit.  https://github.com/espreto/wpsploit/blob/master/README.md+🛠 WPSploit - Exploiting WordPress With Metasploit.  https://github.com/espreto/wpsploit/
  
 🛠 WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit 🛠 WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit
Ligne 41: Ligne 51:
 🛠 A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed. https://github.com/umutphp/wp-vulnerability-check 🛠 A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed. https://github.com/umutphp/wp-vulnerability-check
  
 +🛠 wpintel Chrome extension designed for WordPress Vulnerability Scanning and information gathering! https://github.com/Tuhinshubhra/WPintel
 +
 +🛠 [discontinued] Mass exploiter of CVE-2015-1579 for WordPress CMS https://github.com/APT55/WordPressMassExploiter
 +
 +🛠 Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 https://github.com/teambugsbunny/wpUsersScan
 +
 +🛠 Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 - https://github.com/R3K1NG/wpUsersScan
 +
 +🛠 A simple script to check for CVE's for specific WordPress versions, plugins, and themes https://github.com/t0pang4/WordPress-Vulnerability-Scanner
 +
 +🛠 Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service. https://github.com/m3ssap0/wordpress_cve-2018-6389
 +
 +🛠 Wp-sec is an extension for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com. All installed versions of core, plugins and themes can be checked and monitored, so you know when to update your Wordpress installation. https://github.com/markri/wp-sec
 +
 +🛠 Wordpress Scanning, Username Enumeration, Backup Grabbing https://github.com/hudacbr/D-TECT
  
 **Drupal** **Drupal**
 +
 +🛠 Drupal online free scanner https://hackertarget.com/drupal-security-scan/
  
 🛠 DrupalScan https://github.com/rverton/DrupalScan 🛠 DrupalScan https://github.com/rverton/DrupalScan
Ligne 56: Ligne 83:
 🛠 RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340  🛠 RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340 
  
-🛠 Outils de collecte et d'exploitation d'informations Drupal  Https://github.com/immunIT/drupwn+🛠 Outils de collecte et d'exploitation d'informations Drupal  https://github.com/immunIT/drupwn
  
 **Joomla** **Joomla**
 +
 +🛠 Online free  joomla scan https://hackertarget.com/joomla-security-scan/
  
 🛠 Joomscan https://github.com/rezasp/joomscan 🛠 Joomscan https://github.com/rezasp/joomscan
Ligne 70: Ligne 99:
 🛠 OWASP Joomla! vulnerability Scanner https://github.com/PentestBox/OWASP-Joomla-Vulnerability-Scanner 🛠 OWASP Joomla! vulnerability Scanner https://github.com/PentestBox/OWASP-Joomla-Vulnerability-Scanner
  
 +🛠 OWASP Joomla! Security Scanner https://sourceforge.net/projects/joomscan/
 +
 +🛠 Jooforce is a small Python application used to test the vulnerability of Joomla installations against brute force attacks. It supports being able to spoof user-agents and has the ability to automatically switch between different proxies to avoid detection. https://github.com/rastating/jooforce
 +
 +🛠 [discontinued] Mass exploiter of CVE 2015-8562 for Joomla! CMS https://github.com/APT55/JoomlaMassExploiter
  
  
Ligne 88: Ligne 122:
  
 🛠 LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner 🛠 LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner
 +
 +🛠  Magescan https://github.com/steverobbins/magescan
 +https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar
  
 **Moodle** **Moodle**
Ligne 100: Ligne 137:
  
 🛠 OWASP VBScan is a Black Box vBulletin Vulnerability Scanner https://github.com/rezasp/vbscan 🛠 OWASP VBScan is a Black Box vBulletin Vulnerability Scanner https://github.com/rezasp/vbscan
 +
 +**Plone CMS**
 +
 +🛠 Security scanner tool for Plone CMS. https://github.com/unweb/plown
 +
  
 **SPIP** **SPIP**
  
 🛠 SPIPScan https://github.com/PaulSec/SPIPScan 🛠 SPIPScan https://github.com/PaulSec/SPIPScan
 +
 +
 +**Symfony** 
 +
 +🛠 Enemies Of Symfony (EOS) - EOS loots information from a Symfony target in debug mode https://github.com/lodi-g/eos
 +
 +🛠 Exploits targeting Symfony. See: Symfony's secret fragments https://github.com/ambionics/symfony-exploits
  
 **Divers CMS** **Divers CMS**
 +
 +🛠 online free scan https://www.nmmapper.com/tools/reconnaissance-tools/cmseek-scanning/CMS%20Detection%20and%20Exploitation%20suite/
 +
 +🛠 All in one tool for Information Gathering and Vulnerability Scanning https://github.com/nandydark/DARK-EAGLE
  
 🛠 CMSmap https://github.com/Dionach/CMSmap 🛠 CMSmap https://github.com/Dionach/CMSmap
 +
 +🛠 CMSeeK https://github.com/Tuhinshubhra/CMSeeK
 +
 +🛠 ICG-AutoExploiterBoT Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart  https://github.com/04x/ICG-AutoExploiterBoT
  
 🛠 CMSsc4n https://github.com/n4xh4ck5/CMSsc4n 🛠 CMSsc4n https://github.com/n4xh4ck5/CMSsc4n
Ligne 142: Ligne 199:
  
 🛠 Security scanner to find temporary config files that contain passwords on public websites  (joomla Wordpress) https://github.com/feross/CMSploit 🛠 Security scanner to find temporary config files that contain passwords on public websites  (joomla Wordpress) https://github.com/feross/CMSploit
 +
 +🛠 Test your site to resistance to a bruteforce attack. Joomla, Drupal, WordPress, Magento and DLE bruteforce.  https://github.com/TheDevFromKer/CMS-Attack
 +
 +🛠 Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan. https://github.com/stasinopoulos/Jaidam
 +
 +🛠 X Brute Forcer Tool WordPress, Joomla, DruPal, OpenCart, Magento https://github.com/Moham3dRiahi/XBruteForcer
 +
 +🛠 Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development) https://github.com/r3dxpl0it/TheXFramework
 +
 +🛠 WhiteBox CMS analysis https://github.com/Intrinsec/comission
 +
 +🛠 dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS. https://github.com/0verl0ad/Dumb0
 +
 +🛠 This project is designed to enumerate back-end hosting Content Management Systems and aid security professionals in detecting vulnerabilities within them.  https://github.com/ptonewreckin/cmsDetector
 +
 +🛠 eZpublish vulnerability scanner https://github.com/thomas-lab/eZscanner
 +
 +🛠 Zombi Bot https://www.sitexploit.me/2019/08/free-zombi-bot-v8-bot-auto-upload-shell.html
 +
 +🛠 ICG-AutoExploiterBoT
 +https://github.com/04x/ICG-AutoExploiterBoT/blob/master/README.md
 +
 +🛠 ICG BOT FULL RECODED.  https://github.com/apidotmy/Fuckedz?files=1
 +
 +🛠 M3m0 Tool Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/M3M0
 +
 +
 +🛠 007BOT ⚔️ Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/007BOT
 +
 +
 +🛠 izocin bot priv8 
 +..
des_outils_pour_scanner_des_cms.1568496247.txt.gz · Dernière modification: 2019/09/14 23:24 par M0N5T3R