{"id":13548042,"url":"https://github.com/ajinabraham/CMSScan","last_synced_at":"2025-04-02T20:31:31.219Z","repository":{"id":51274263,"uuid":"157680238","full_name":"ajinabraham/CMSScan","owner":"ajinabraham","description":"CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues","archived":false,"fork":false,"pushed_at":"2021-05-18T05:25:36.000Z","size":740,"stargazers_count":994,"open_issues_count":4,"forks_count":148,"subscribers_count":37,"default_branch":"master","last_synced_at":"2025-03-27T21:09:40.536Z","etag":null,"topics":["automation","devsecops","drupal","joomla","security","security-dashboard","vbulletin","wordpress"],"latest_commit_sha":null,"homepage":"https://opensecurity.in","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ajinabraham.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":"ajinabraham","custom":["https://paypal.me/ajinabraham"]}},"created_at":"2018-11-15T08:49:22.000Z","updated_at":"2025-03-22T07:31:22.000Z","dependencies_parsed_at":"2022-09-01T14:10:40.592Z","dependency_job_id":null,"html_url":"https://github.com/ajinabraham/CMSScan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajinabraham","download_url":"https://codeload.github.com/ajinabraham/CMSScan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246888033,"owners_count":20850191,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","devsecops","drupal","joomla","security","security-dashboard","vbulletin","wordpress"],"created_at":"2024-08-01T12:01:04.943Z","updated_at":"2025-04-02T20:31:26.203Z","avatar_url":"https://github.com/ajinabraham.png","language":"CSS","readme":"# CMSScan\nScan WordPress, Drupal, Joomla, vBulletin websites for Security issues.\n\n[![platform](https://img.shields.io/badge/platform-osx%2Flinux-green.svg)](https://github.com/ajinabraham/CMSScan/)\n[![License](https://img.shields.io/:license-gpl3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0.html)\n[![python](https://img.shields.io/badge/python-3.6-blue.svg)](https://www.python.org/downloads/)\n[![Rawsec's CyberSecurity Inventory](https://inventory.raw.pm/img/badges/Rawsec-inventoried-FF5050_flat.svg)](https://inventory.rawsec.ml/tools.html#CMSScan)\n\nMade with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82e3a63c-4813-11e6-9430-6015d98aeaab.png) in India\n\nCMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.\n\n## Install\n```\n# Requires ruby, ruby-dev, gem, libwww-perl, python3.6+ and git\ngit clone https://github.com/ajinabraham/CMSScan.git\ncd CMSScan\n./setup.sh\n```\n## Run\n\n`./run.sh`\n\n## Periodic Scans\n\nYou can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the `scheduler.py` script.\n\n```\n# SMTP SETTINGS\nSMTP_SERVER = ''\nFROM_EMAIL = ''\nTO_EMAIL = ''\n\n# SERVER SETTINGS\nSERVER = ''\n\n# SCAN SITES\nWORDPRESS_SITES = []\nDRUPAL_SITES = []\nJOOMLA_SITES = []\nVBULLETIN_SITES = []\n```\n\nAdd a cronjob\n\n```\ncrontab -e\n@weekly /usr/bin/python3 scheduler.py\n```\n\n## Basic Auth\n\nBy default there is no authentication. To enable basic auth, configure the following in `app.py` \n\n```\napp.config['BASIC_AUTH_USERNAME'] = 'admin'\napp.config['BASIC_AUTH_PASSWORD'] = 'password'\napp.config['BASIC_AUTH_FORCE'] = True\n```\n\n## Docker\n\n### Local\n```\ndocker build -t cmsscan .\ndocker run -it -p 7070:7070 cmsscan\n```\n\n### Prebuilt Image\n\n```\ndocker pull opensecurity/cmsscan\ndocker run -it -p 7070:7070 opensecurity/cmsscan\n```\n\n### Screenshots\n\n\n![](https://user-images.githubusercontent.com/4301109/48620839-855c9100-e9c7-11e8-97c6-1e25252d2d01.png)\n![](https://user-images.githubusercontent.com/4301109/48620970-03b93300-e9c8-11e8-9962-714e8fea2c6c.png)\n![](https://user-images.githubusercontent.com/4301109/48670210-cf658400-eb39-11e8-8aad-fa2c2915c42a.png)\n","funding_links":["https://github.com/sponsors/ajinabraham","https://paypal.me/ajinabraham"],"categories":["CSS","web shell、shellcode","Pentesting"],"sub_categories":["网络服务_其他","Vulnerability"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajinabraham%2FCMSScan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fajinabraham%2FCMSScan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajinabraham%2FCMSScan/lists"}