Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

CMSeeK – Open Source Content Management System Detection and Exploitation Tool

  • Last Updated : 23 Sep, 2021

CMSeeK is a free and open-source tool available on GitHub. CMSeeK can detect content management systems such as WordPress, Drupal, Joomla, and Magento CMS, WordPress sensitive files, and WordPress version-related vulnerabilities. CMSeeK uses different modules for doing all the scannings.   CMSeeK is a vulnerability scanner tool for content management systems. This tool is used for vulnerability scanning of websites and web apps. This tool also works as a web exploitation tool. CMSeeK is written in python language. You must have python language installed in your Kali Linux system to run this tool. ATSCAN is used to scan websites for information gathering and finding vulnerabilities in websites and web apps. CMSeeK is one of the easiest and useful tools for performing reconnaissance on the content management system.

Installation of the CMSeeK tool

Step 1: Open your kali Linux operating system and use the following command to install the tool.

cd Desktop
git clone https://github.com/Tuhinshubhra/CMSeeK

Step 2: Now move into the directory of the tool using the following command.



cd CMSeeK

Step 3: Now you are in the directory of the tool. Use the following command to install the dependencies of the tool.

pip3 install -r requirements.txt

Step 4: All the dependencies of the tool have been installed, now run the tool using the following command.

python3 cmseek.py

The tool is running successfully. Now we will see examples to use the tool.

Usage

Example 1: Use the CMSeeK tool to detect whether a domain is CMS or not.

choose option:



 1
type domain

The tool has performed a deep scan on the domain.

Example 2: Use the CMSeeK tool to scan multiple sites.

choose option:

2
type domains

This is how you can also scan your own domain.

Example 3: Use the cmseek tool for brute forcing on cms.

choose option 3

Now choose any cms from the list.

After brute forcing on the domain, the tool has confirmed that the domain has WordPress cms. Similarly, you can find WordPress cms by brute-forcing on the domain using cmseek.

My Personal Notes arrow_drop_up
Recommended Articles
Page :