Open In App

CMSmap – Open Source CMS Scanner

Last Updated : 14 Sep, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

CMSmap is a Python open source CMS scanner that automates the method of detecting security flaws of the foremost popular CMSs. The main purpose of this tool is to integrate common vulnerabilities for different types of CMSs into a single tool. at the instant, there’s support for WordPress, Joomla, Drupal, and Moodle. CMSmap tool is freely available on GitHub. CMSmap tool supports multiple target domain scanning and saves the results in text file format. CMSmap tool has the ability to set custom user-agent and header. CMSmap tool Support for SSL encryption. CMSmap tool supports Verbose mode for debugging purposes.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of CMSmap Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/Dionach/CMSmap.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd CMSmap

Step 3: You are in the directory of the CMSmap. Now run the following command to complete the installation.

sudo python3 setup.py install

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 cmsmap .py -h

Working with CMSmap Tool on Kali Linux OS

Example 1: Simple Scan (Single Target)

python3 cmsmap.py https://geeksforgeeks.org

In this Example, We are performing simple scanning on the target domain geeksforgeeks.org.

We have got the details of CMS and the theme applied to the domain.

The tool has identified the WordPress usernames on geeksforgeeks.org.

Example 2: Force scan WordPress

python3 cmsmap.py https://geeksforgeeks.org -f W -F --noedb -d

In this Example, We are performing a Force scan of WordPress CMS on geeksforgeeks.org.

Example 3: Scan multiple targets listed in a given file

python3 cmsmap.py -i targets.txt -o output.txt -f D

In this Example, We are scanning multiple target domains specified in the targets.txt file.

Example 4: Verbose Mode

python3 cmsmap.py https://geeksforgeeks.org -v

In this Example, We are displaying the scan results in a more detailed way. We have used the -v tag for enabling the verbose mode.


Like Article
Suggest improvement
Previous
Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux
Next
Nexfil - OSINT Tool For Finding Profiles By Username
Share your thoughts in the comments

Similar Reads

Droopescan - CMS Based Web Applications Scanner
MassBleed - Open Source SSL Vulnerability Scanner
WhatWeb - Open Source Web Scanner
Altair - Open Source Modular Web Vulnerability Scanner
GONET-Scanner - Golang Network Scanner With Arp Discovery And Own Parser
SourceLeakHacker - Multi Threads Web Application Source Leak Scanner
WPrecon - Vulnerability Recognition Tool In CMS WordPress
CMSsc4n - Tool to identify if a domain is a CMS
CMSeeK - CMS Detection and Exploitation Tool
Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla

G
gauravgandal
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox