CMSmap

Simple CMS Scanner.

Installation

cd /usr/bin
git clone https://github.com/Dionach/CMSmap
cd CMSmap
#apt install python3-pip
pip3 install .

Examples

# WordPress scan: (W)ordpress, (J)oomla or (D)rupal or (M)oodle
cmsmap http://someurl.com -f W

Help

usage: cmsmap [-f W/J/D/M] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-c] [-s] [-d]
              [-u] [-p] [-x] [-k] [-w] [-v] [-h] [-D] [-U]
              [target]

CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti

Scan:
  target                target URL (e.g. 'https://example.com:8080/')
  -f W/J/D/M, --force W/J/D/M
                        force scan (W)ordpress, (J)oomla or (D)rupal or (M)oodle
  -F, --fullscan        full scan using large plugin lists. False positives and slow!
  -t , --threads        number of threads (Default 5)
  -a , --agent          set custom user-agent
  -H , --header         add custom header (e.g. 'Authorization: Basic ABCD...')
  -i , --input          scan multiple targets listed in a given file
  -o , --output         save output in a file
  -E, --noedb           enumerate plugins without searching exploits
  -c, --nocleanurls     disable clean urls for Drupal only
  -s, --nosslcheck      don't validate the server's certificate
  -d, --dictattack      run low intense dictionary attack during scanning (5 attempts per user)

Brute-Force:
  -u , --usr            username or username file
  -p , --psw            password or password file
  -x, --noxmlrpc        brute forcing WordPress without XML-RPC

Post Exploitation:
  -k , --crack          password hashes file (Require hashcat installed. For WordPress and Joomla only)
  -w , --wordlist       wordlist file

Others:
  -v, --verbose         verbose mode (Default false)
  -h, --help            show this help message and exit
  -D, --default         run CMSmap with default options
  -U , --update         use (C)MSmap, (P)lugins or (PC) for both

Examples:
  cmsmap.py https://example.com
  cmsmap.py https://example.com -f W -F --noedb -d
  cmsmap.py https://example.com -i targets.txt -o output.txt
  cmsmap.py https://example.com -u admin -p passwords.txt
  cmsmap.py -k hashes.txt -w passwords.txt