CMSmap – Open Source CMS Scanner
CMSmap is a Python open source CMS scanner that automates the method of detecting security flaws of the foremost popular CMSs. The main purpose of this tool is to integrate common vulnerabilities for different types of CMSs into a single tool. at the instant, there’s support for WordPress, Joomla, Drupal, and Moodle. CMSmap tool is freely available on GitHub. CMSmap tool supports multiple target domain scanning and saves the results in text file format. CMSmap tool has the ability to set custom user-agent and header. CMSmap tool Support for SSL encryption. CMSmap tool supports Verbose mode for debugging purposes.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux
Installation of CMSmap Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/Dionach/CMSmap.git
Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.
Step 3: You are in the directory of the CMSmap. Now run the following command to complete the installation.
sudo python3 setup.py install
Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.
python3 cmsmap .py -h
Working with CMSmap Tool on Kali Linux OS
Example 1: Simple Scan (Single Target)
python3 cmsmap.py https://geeksforgeeks.org
In this Example, We are performing simple scanning on the target domain geeksforgeeks.org.
We have got the details of CMS and the theme applied to the domain.
The tool has identified the WordPress usernames on geeksforgeeks.org.
Example 2: Force scan WordPress
python3 cmsmap.py https://geeksforgeeks.org -f W -F --noedb -d
In this Example, We are performing a Force scan of WordPress CMS on geeksforgeeks.org.
Example 3: Scan multiple targets listed in a given file
python3 cmsmap.py -i targets.txt -o output.txt -f D
In this Example, We are scanning multiple target domains specified in the targets.txt file.
Example 4: Verbose Mode
python3 cmsmap.py https://geeksforgeeks.org -v
In this Example, We are displaying the scan results in a more detailed way. We have used the -v tag for enabling the verbose mode.