All Projects → ajinabraham → Cmsscan

ajinabraham / Cmsscan

Licence: gpl-3.0
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues

Projects that are alternatives of or similar to Cmsscan

Ansipress
AnsiPress - Simple L(Linux) E(NGINX) M(MariaDB) P(PHP7) Shared Hosting Setup
Stars: ✭ 184 (-76.26%)
Mutual labels:  automation, wordpress, drupal
Fail2ban.webexploits
This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.
Stars: ✭ 67 (-91.35%)
Mutual labels:  wordpress, drupal, joomla
Xbruteforcer
X Brute Forcer Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento
Stars: ✭ 261 (-66.32%)
Mutual labels:  wordpress, drupal, joomla
M0b Tool
exploit
Stars: ✭ 68 (-91.23%)
Mutual labels:  wordpress, drupal, joomla
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+15.74%)
Mutual labels:  wordpress, drupal, joomla
Cmseek
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Stars: ✭ 1,296 (+67.23%)
Mutual labels:  wordpress, drupal, joomla
Killshot
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (-69.42%)
Mutual labels:  wordpress, joomla
Icg Autoexploiterbot
Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (-68.77%)
Mutual labels:  wordpress, joomla
Django Defectdojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+148.52%)
Mutual labels:  automation, devsecops
Easyengine
Command-line control panel for Nginx Server to manage WordPress sites running on Nginx, PHP, MySQL, and Let's Encrypt
Stars: ✭ 1,881 (+142.71%)
Mutual labels:  automation, wordpress
Cms Hunter
CMS漏洞测试用例集合
Stars: ✭ 1,334 (+72.13%)
Mutual labels:  wordpress, joomla
Wordmove
Multi-stage command line deploy/mirroring and task runner for Wordpress
Stars: ✭ 1,791 (+131.1%)
Mutual labels:  automation, wordpress
buzzyblog
React + WordPress REST API, a new endeavor to provide a better experience to content creators, web masters and digital marketers, etc
Stars: ✭ 50 (-93.55%)
Mutual labels:  drupal, joomla
Cms
GleezCMS - A Light, Simple, Flexible Content Management System
Stars: ✭ 200 (-74.19%)
Mutual labels:  wordpress, drupal
Nginxconfig.io
⚙️ NGINX config generator on steroids 💉
Stars: ✭ 14,983 (+1833.29%)
Mutual labels:  wordpress, drupal
Raspberry Pi Dramble
Raspberry Pi Kubernetes cluster that runs HA/HP Drupal 8
Stars: ✭ 1,317 (+69.94%)
Mutual labels:  automation, drupal
M3m0
M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-84%)
Mutual labels:  wordpress, joomla
Lando
A development tool for all your projects that is fast, easy, powerful and liberating
Stars: ✭ 3,142 (+305.42%)
Mutual labels:  wordpress, drupal
Blt
Acquia's toolset for automating Drupal 8 and 9 development, testing, and deployment.
Stars: ✭ 412 (-46.84%)
Mutual labels:  automation, drupal
Hookphp
HookPHP基于C扩展搭建内置AI编程的架构系统-支持微服务部署|热插拔业务组件-集成业务模型|权限模型|UI组件库|多模板|多平台|多域名|多终端|多语言-含常驻内存|前后分离|API平台|LUA QQ群:679116380
Stars: ✭ 575 (-25.81%)
Mutual labels:  drupal, joomla

CMSScan

Scan WordPress, Drupal, Joomla, vBulletin websites for Security issues.

platform License python Rawsec's CyberSecurity Inventory

Made with Love in India

CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.

Install

# Requires ruby, ruby-dev, gem, libwww-perl, python3.6+ and git
git clone https://github.com/ajinabraham/CMSScan.git
cd CMSScan
./setup.sh

Run

./run.sh

Periodic Scans

You can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the scheduler.py script.

# SMTP SETTINGS
SMTP_SERVER = ''
FROM_EMAIL = ''
TO_EMAIL = ''

# SERVER SETTINGS
SERVER = ''

# SCAN SITES
WORDPRESS_SITES = []
DRUPAL_SITES = []
JOOMLA_SITES = []
VBULLETIN_SITES = []

Add a cronjob

crontab -e
@weekly /usr/bin/python3 scheduler.py

Basic Auth

By default there is no authentication. To enable basic auth, configure the following in app.py

app.config['BASIC_AUTH_USERNAME'] = 'admin'
app.config['BASIC_AUTH_PASSWORD'] = 'password'
app.config['BASIC_AUTH_FORCE'] = True

Docker

Local

docker build -t cmsscan .
docker run -it -p 7070:7070 cmsscan

Prebuilt Image

docker pull opensecurity/cmsscan
docker run -it -p 7070:7070 opensecurity/cmsscan

Screenshots

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].