vortexau / Mooscan

A scanner for Moodle LMS

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Projects that are alternatives of or similar to Mooscan

sx
🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+5659.09%)
Mutual labels:  scanner, infosec
polscan
Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (+159.09%)
Mutual labels:  scanner, infosec
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+545.45%)
Mutual labels:  scanner, infosec
Analyst Arsenal
A toolkit for Security Researchers
Stars: ✭ 112 (+409.09%)
Mutual labels:  scanner, infosec
Securitymanageframwork
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+1618.18%)
Mutual labels:  scanner, infosec
Sec Admin
Core management system for distributed asset security scanning (weak-password scanning, vulnerability scanning)
Stars: ✭ 222 (+909.09%)
Mutual labels:  scanner, infosec
sgCheckup
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Stars: ✭ 77 (+250%)
Mutual labels:  scanner, infosec
Snoop
Snoop: a reconnaissance tool based on open data (OSINT world)
Stars: ✭ 886 (+3927.27%)
Mutual labels:  scanner, infosec
Xunfeng
Xunfeng is a rapid vulnerability response and patrol-scanning system for enterprise intranets.
Stars: ✭ 3,131 (+14131.82%)
Mutual labels:  scanner, infosec
sec-scannode
SEC distributed asset scanning system
Stars: ✭ 8 (-63.64%)
Mutual labels:  scanner, infosec
Gourdscanv2
Passive vulnerability scanning system
Stars: ✭ 740 (+3263.64%)
Mutual labels:  scanner, infosec
Magento Malware Scanner
Scanner, signatures and the largest collection of Magento malware
Stars: ✭ 608 (+2663.64%)
Mutual labels:  scanner, infosec
Routersploit
Exploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+44745.45%)
Mutual labels:  scanner, infosec
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+15531.82%)
Mutual labels:  scanner, infosec
Jaeles
The Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+4777.27%)
Mutual labels:  scanner, infosec
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+2072.73%)
Mutual labels:  scanner, infosec
juumla
🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+386.36%)
Mutual labels:  scanner, infosec
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+2213.64%)
Mutual labels:  scanner, infosec
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+32836.36%)
Mutual labels:  scanner, infosec
Gimagereader
A Gtk/Qt front-end to tesseract-ocr.
Stars: ✭ 786 (+3472.73%)
Mutual labels:  scanner

MooScan

A scanning tool for Moodle LMS (after v1.7.0). In development.

Python 3.4 | 3.5 | 3.6

How does it work?

MooScan downloads a copy of the public Moodle Git repository and plugin database and pulls in files of interest. These files can be used to determine the installed Moodle version, to determine whether local public changes have been made, and to brute-force scan an install to determine any and all installed plugins (and their versions, too!).

Moodle itself includes a lot of content inside its web root that can be very revealing: files such as composer.json, package.json and npm-shrinkwrap.json, which all include version numbers used to build libraries; install.xml files used to set up databases, which include version numbers; and, in some older versions, .html files which include PHP. These files are pulled in by Moodle and, in some cases, may have been modified by admins to include their production values (auth/ldap/config.html, I'm looking at you!). As a Moodle admin, it would be nice to know this. As a pentester, it would be doubly nice to know this!
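For the administrator's side of this, the following added example (not MooScan's own code) walks a deployed web root on disk, lists the file kinds named above, and compares each against a pristine checkout of the same Moodle version to flag local modifications. The function names, status labels and the sample trees built in `demo()` are constructed for illustration.

```python
import tempfile
from pathlib import Path

# File names the page calls out as revealing when served from the web root.
REVEALING_NAMES = {"composer.json", "package.json", "npm-shrinkwrap.json", "install.xml"}

def is_revealing(path: Path) -> bool:
    """True for the file kinds named above, plus .html files that embed PHP."""
    if path.name in REVEALING_NAMES:
        return True
    return path.suffix == ".html" and b"<?php" in path.read_bytes()

def audit_webroot(webroot: Path, pristine: Path) -> dict:
    """Map each revealing file to 'unchanged', 'modified' or 'not-upstream'."""
    findings = {}
    for path in sorted(webroot.rglob("*")):
        if not path.is_file() or not is_revealing(path):
            continue
        rel = path.relative_to(webroot)
        upstream = pristine / rel
        if not upstream.is_file():
            status = "not-upstream"      # e.g. a third-party plugin
        elif upstream.read_bytes() == path.read_bytes():
            status = "unchanged"         # still reveals version information
        else:
            status = "modified"          # local edit; check it for production values
        findings[rel.as_posix()] = status
    return findings

def demo() -> dict:
    """Build two small constructed trees (not real Moodle content) and audit them."""
    sample = {"composer.json": '{"require": {}}',
              "auth/ldap/config.html": "<?php print_string('host'); ?>",
              "index.php": "<?php // entry point"}
    with tempfile.TemporaryDirectory() as tmp:
        live, clean = Path(tmp, "live"), Path(tmp, "clean")
        for root in (live, clean):
            for rel, text in sample.items():
                (root / rel).parent.mkdir(parents=True, exist_ok=True)
                (root / rel).write_text(text)
        # Constructed local edit: a production value placed in the template.
        (live / "auth/ldap/config.html").write_text("<?php $host = 'ldap.example.internal'; ?>")
        # Constructed file that exists only in the deployment.
        (live / "mod/extra").mkdir(parents=True)
        (live / "mod/extra/package.json").write_text('{"version": "0.0.0"}')
        return audit_webroot(live, clean)

if __name__ == "__main__":
    for rel, status in demo().items():
        print(f"{status:12} {rel}")
```

Files reported as `modified` are the ones to review first; everything in the result is a candidate for being blocked at the web server.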

Why?

In a previous life, I was a developer in a small team maintaining a large Moodle install (35k users) and, while we were careful with our install, I realised that others may not be so careful.

No specific tool existed then, so in the spirit of PoC||GTFO, I decided to build my own fucking birdfeeder.

Key Benefits

  • Allows administrators to determine exactly what is visible externally in their Moodle installation.
  • A tool for penetration testers to find potential vulnerabilities in a Moodle installation by enumerating installed plugins, themes and libraries.

Docker Commands

  • Build container
    • docker-compose up --build
  • Run PEP8 tests
    • docker-compose run --entrypoint "pep8 -v *.py lib/" mooscan
  • Run unit-tests
    • docker-compose run --entrypoint pytest mooscan

Road Map

To be defined once the basic (MVP!) tool is released, functional and reliable.

Special Thanks

  • Codingo, for the gentle nudges to get this tool to a point where it may be useful for the community.
  • SecTalks for the continual support and encouragement.