Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

[TOOL] CMS Explorer

From: Chris Sullo <csullo () sunera com>
Date: Thu, 01 Apr 2010 14:49:29 -0400
CMS Explorer is designed to reveal the the specific modules, plugins and
themes that various Content Management System (CMS) driven web sites are
running. It can also assist security testing by looking up related
vulnerabilities in osvdb.org, as well as revealing otherwise "hidden"
files available with components.


Features include:
- Support for Wordpress, Drupal, Joomla! and Mambo plugins & themes
- OSVDB.org API search for potential vulnerabilities in found components
- Explore discovered components by getting file lists directly from the
code repo
- Bootstrap a scan proxy (such as Burp) with all found files
- Easy update for newest Drupal/Wordpress components
- Distinct proxy setup for scanning and bootstrapping

Download and Usage: http://code.google.com/p/

More about CMS Explorer:
http://security.sunera.com/2010/03/cms-explorer-or-whats-that-cms-running.html

-- 
Chris Sullo
http://security.sunera.com/


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: