Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

CMSmap – Open Source CMS Scanner

  • Last Updated : 14 Sep, 2021

CMSmap is a Python open source CMS scanner that automates the method of detecting security flaws of the foremost popular CMSs. The main purpose of this tool is to integrate common vulnerabilities for different types of CMSs into a single tool. at the instant, there’s support for WordPress, Joomla, Drupal, and Moodle. CMSmap tool is freely available on GitHub. CMSmap tool supports multiple target domain scanning and saves the results in text file format. CMSmap tool has the ability to set custom user-agent and header. CMSmap tool Support for SSL encryption. CMSmap tool supports Verbose mode for debugging purposes.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of CMSmap Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd CMSmap 

Step 3: You are in the directory of the CMSmap. Now run the following command to complete the installation.

sudo python3 install

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 cmsmap .py -h

Working with CMSmap Tool on Kali Linux OS

Example 1: Simple Scan (Single Target)


In this Example, We are performing simple scanning on the target domain

We have got the details of CMS and the theme applied to the domain.

The tool has identified the WordPress usernames on

Example 2: Force scan WordPress

python3 -f W -F --noedb -d

In this Example, We are performing a Force scan of WordPress CMS on

Example 3: Scan multiple targets listed in a given file

python3 -i targets.txt -o output.txt -f D

In this Example, We are scanning multiple target domains specified in the targets.txt file.

Example 4: Verbose Mode

python3 -v

In this Example, We are displaying the scan results in a more detailed way. We have used the -v tag for enabling the verbose mode.

My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!