Outils d'utilisateurs

Outils du Site


des_outils_pour_scanner_des_cms

Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

Lien vers cette vue

des_outils_pour_scanner_des_cms [2019/09/15 16:50]
M0N5T3R
des_outils_pour_scanner_des_cms [2022/12/14 09:13] (Version actuelle)
M0N5T3R
Ligne 1: Ligne 1:
 +FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci
 +
 +
 +====== Des outils pour scanner des CMS ======
  
  
 **Wordpress** **Wordpress**
 +
 +🛠 online free scan https://hackertarget.com/wordpress-security-scan/
 +
 +🛠 wpxf - WordPress Exploit Framework https://github.com/rastating/wordpress-exploit-framework
 +
 +🛠 Wp brute force login https://github.com/04x/WpBrute-Priv8
  
 🛠 WpscaN Project https://github.com/04x/WpscaN 🛠 WpscaN Project https://github.com/04x/WpscaN
  
-🛠 wpscan https://github.com/wpscanteam/wpscan+🛠 wpscan , conseil : utilisez wpscan avec une API key de WPVulnDB API  https://github.com/wpscanteam/wpscan
  
 🛠 wordpresscan https://github.com/swisskyrepo/Wordpresscan 🛠 wordpresscan https://github.com/swisskyrepo/Wordpresscan
Ligne 25: Ligne 35:
 🛠  WPForce https://github.com/n00py/WPForce 🛠  WPForce https://github.com/n00py/WPForce
  
-🛠 WPSploit - Exploiting WordPress With Metasploit.  https://github.com/espreto/wpsploit/blob/master/README.md+🛠 WPSploit - Exploiting WordPress With Metasploit.  https://github.com/espreto/wpsploit/
  
 🛠 WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit 🛠 WPSploit - WordPress Plugin Code Scanner https://web.archive.org/web/20180617174139/https://github.com/m4ll0k/WPSploit
Ligne 50: Ligne 60:
  
 🛠 A simple script to check for CVE's for specific WordPress versions, plugins, and themes https://github.com/t0pang4/WordPress-Vulnerability-Scanner 🛠 A simple script to check for CVE's for specific WordPress versions, plugins, and themes https://github.com/t0pang4/WordPress-Vulnerability-Scanner
- 
-🛠 CVE-2018-19487, CVE-2018-19488, exploit for WordPress wp-jobhunt plugin https://github.com/Antho59/wp-jobhunt-exploit 
  
 🛠 Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service. https://github.com/m3ssap0/wordpress_cve-2018-6389 🛠 Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service. https://github.com/m3ssap0/wordpress_cve-2018-6389
 +
 +🛠 Wp-sec is an extension for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com. All installed versions of core, plugins and themes can be checked and monitored, so you know when to update your Wordpress installation. https://github.com/markri/wp-sec
 +
 +🛠 Wordpress Scanning, Username Enumeration, Backup Grabbing https://github.com/hudacbr/D-TECT
  
 **Drupal** **Drupal**
 +
 +🛠 Drupal online free scanner https://hackertarget.com/drupal-security-scan/
  
 🛠 DrupalScan https://github.com/rverton/DrupalScan 🛠 DrupalScan https://github.com/rverton/DrupalScan
Ligne 69: Ligne 83:
 🛠 RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340  🛠 RCE REST de Drupal8, SA-CORE-2019-003, CVE-2019-6340 https://github.com/jas502n/CVE-2019-6340 
  
-🛠 Outils de collecte et d'exploitation d'informations Drupal  Https://github.com/immunIT/drupwn+🛠 Outils de collecte et d'exploitation d'informations Drupal  https://github.com/immunIT/drupwn
  
 **Joomla** **Joomla**
 +
 +🛠 Online free  joomla scan https://hackertarget.com/joomla-security-scan/
  
 🛠 Joomscan https://github.com/rezasp/joomscan 🛠 Joomscan https://github.com/rezasp/joomscan
Ligne 106: Ligne 122:
  
 🛠 LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner 🛠 LetMeFuckIt Scanner AutoPWNED https://github.com/onthefrontline/LetMeFuckIt-Scanner
 +
 +🛠  Magescan https://github.com/steverobbins/magescan
 +https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar
  
 **Moodle** **Moodle**
Ligne 127: Ligne 146:
  
 🛠 SPIPScan https://github.com/PaulSec/SPIPScan 🛠 SPIPScan https://github.com/PaulSec/SPIPScan
 +
 +
 +**Symfony** 
 +
 +🛠 Enemies Of Symfony (EOS) - EOS loots information from a Symfony target in debug mode https://github.com/lodi-g/eos
 +
 +🛠 Exploits targeting Symfony. See: Symfony's secret fragments https://github.com/ambionics/symfony-exploits
  
 **Divers CMS** **Divers CMS**
 +
 +🛠 online free scan https://www.nmmapper.com/tools/reconnaissance-tools/cmseek-scanning/CMS%20Detection%20and%20Exploitation%20suite/
 +
 +🛠 All in one tool for Information Gathering and Vulnerability Scanning https://github.com/nandydark/DARK-EAGLE
  
 🛠 CMSmap https://github.com/Dionach/CMSmap 🛠 CMSmap https://github.com/Dionach/CMSmap
 +
 +🛠 CMSeeK https://github.com/Tuhinshubhra/CMSeeK
 +
 +🛠 ICG-AutoExploiterBoT Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart  https://github.com/04x/ICG-AutoExploiterBoT
  
 🛠 CMSsc4n https://github.com/n4xh4ck5/CMSsc4n 🛠 CMSsc4n https://github.com/n4xh4ck5/CMSsc4n
Ligne 170: Ligne 204:
 🛠 Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan. https://github.com/stasinopoulos/Jaidam 🛠 Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan. https://github.com/stasinopoulos/Jaidam
  
-🛠 X Brute Forcer Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento https://github.com/Moham3dRiahi/XBruteForcer+🛠 X Brute Forcer Tool WordPress, Joomla, DruPal, OpenCart, Magento https://github.com/Moham3dRiahi/XBruteForcer
  
-🛠 Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development) https://github.com/r3dxpl0it/TheXFramework*+🛠 Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development) https://github.com/r3dxpl0it/TheXFramework
  
 🛠 WhiteBox CMS analysis https://github.com/Intrinsec/comission 🛠 WhiteBox CMS analysis https://github.com/Intrinsec/comission
  
-🛠 dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS. https://github.com/0verl0ad/Dumb0+🛠 dumb0 19.1493e74 A simple tool to dump users in popular forums and CMS. https://github.com/0verl0ad/Dumb0
  
 🛠 This project is designed to enumerate back-end hosting Content Management Systems and aid security professionals in detecting vulnerabilities within them.  https://github.com/ptonewreckin/cmsDetector 🛠 This project is designed to enumerate back-end hosting Content Management Systems and aid security professionals in detecting vulnerabilities within them.  https://github.com/ptonewreckin/cmsDetector
 +
 +🛠 eZpublish vulnerability scanner https://github.com/thomas-lab/eZscanner
 +
 +🛠 Zombi Bot https://www.sitexploit.me/2019/08/free-zombi-bot-v8-bot-auto-upload-shell.html
 +
 +🛠 ICG-AutoExploiterBoT
 +https://github.com/04x/ICG-AutoExploiterBoT/blob/master/README.md
 +
 +🛠 ICG BOT FULL RECODED.  https://github.com/apidotmy/Fuckedz?files=1
 +
 +🛠 M3m0 Tool Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/M3M0
 +
 +
 +🛠 007BOT ⚔️ Website Vulnerability Scanner & Auto Exploiter https://github.com/mrwn007/007BOT
 +
 +
 +🛠 izocin bot priv8 
 +..
des_outils_pour_scanner_des_cms.1568559016.txt.gz · Dernière modification: 2019/09/15 16:50 par M0N5T3R