Simple CMS Scanner.
Installation
cd /usr/bin
git clone https://github.com/Dionach/CMSmap
cd CMSmap
#apt install python3-pip
pip3 install .Examples
# WordPress scan: (W)ordpress, (J)oomla or (D)rupal or (M)oodle
cmsmap http://someurl.com -f WHelp
usage: cmsmap [-f W/J/D/M] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-c] [-s] [-d]
[-u] [-p] [-x] [-k] [-w] [-v] [-h] [-D] [-U]
[target]
CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti
Scan:
target target URL (e.g. 'https://example.com:8080/')
-f W/J/D/M, --force W/J/D/M
force scan (W)ordpress, (J)oomla or (D)rupal or (M)oodle
-F, --fullscan full scan using large plugin lists. False positives and slow!
-t , --threads number of threads (Default 5)
-a , --agent set custom user-agent
-H , --header add custom header (e.g. 'Authorization: Basic ABCD...')
-i , --input scan multiple targets listed in a given file
-o , --output save output in a file
-E, --noedb enumerate plugins without searching exploits
-c, --nocleanurls disable clean urls for Drupal only
-s, --nosslcheck don't validate the server's certificate
-d, --dictattack run low intense dictionary attack during scanning (5 attempts per user)
Brute-Force:
-u , --usr username or username file
-p , --psw password or password file
-x, --noxmlrpc brute forcing WordPress without XML-RPC
Post Exploitation:
-k , --crack password hashes file (Require hashcat installed. For WordPress and Joomla only)
-w , --wordlist wordlist file
Others:
-v, --verbose verbose mode (Default false)
-h, --help show this help message and exit
-D, --default run CMSmap with default options
-U , --update use (C)MSmap, (P)lugins or (PC) for both
Examples:
cmsmap.py https://example.com
cmsmap.py https://example.com -f W -F --noedb -d
cmsmap.py https://example.com -i targets.txt -o output.txt
cmsmap.py https://example.com -u admin -p passwords.txt
cmsmap.py -k hashes.txt -w passwords.txt