Joomscan – OWASP Joomla Vulnerability Scanner

OWASP Joomla! Vulnerability Scanner (JoomScan) is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments.

Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations, while leaving a minimal footprint with its lightweight and modular architecture.

It not only detects known offensive vulnerabilities, but also is able to detect many misconfigurations and admin-level shortcomings that can be exploited by adversaries to compromise the system.

Joomscan – OWASP Joomla Vulnerability Scanner

The scanner will allow to have following features:

  • Automated Version enumerator
  • Automated Vulnerability enumerator (based on version)
  • Components enumerator (1209 most popular by default)
  • Components vulnerability enumerator (based on version)(+1030 exploit)
  • Firewall detector
  • Reporting to Text & HTML output
  • Finding common log files
  • Finding common backup files

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments