.

CMS Explorer-Discover the CMS components behind the site

<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Mon May 31, 2010 12:47 pm

CMS Explorer-Discover the CMS components behind the site

Another good tool for web app security

CMS Explorer is designed to reveal the the specific modules, plugins and
themes that various Content Management System (CMS) driven web sites are
running. It can also assist security testing by looking up related
vulnerabilities in osvdb.org, as well as revealing otherwise "hidden"
files available with components.


Features include:
- Support for Wordpress, Drupal, Joomla! and Mambo plugins & themes
- OSVDB.org API search for potential vulnerabilities in found components
- Explore discovered components by getting file lists directly from the
code repo
- Bootstrap a scan proxy (such as Burp) with all found files
- Easy update for newest Drupal/Wordpress components
- Distinct proxy setup for scanning and bootstrapping


Download and Usage: http://code.google.com/p/cms-explorer/

A good post on CMS Explorer
http://security.sunera.com/2010/03/cms- ... nning.html
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Mon May 31, 2010 1:05 pm

Re: CMS Explorer-Discover the CMS components behind the site

Thanks! Will try this on my Wordpress blog  :)
Last edited by Xen on Mon May 31, 2010 1:08 pm, edited 1 time in total.
<<

secureseve

User avatar

Jr. Member
Jr. Member

Posts: 79

Joined: Thu Apr 08, 2010 10:40 pm

Location: DMZ

Post Mon May 31, 2010 10:40 pm

Re: CMS Explorer-Discover the CMS components behind the site

I have been looking for something like this! I will test it out as soon as I can! Thanks!
http://twitter.com/mikesantillana
eLearnSecurity Team Member.

Return to Tools

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software