{"id":13539645,"url":"https://github.com/ajinabraham/cmsscan","last_synced_at":"2025-04-12T18:50:30.273Z","repository":{"id":51274263,"uuid":"157680238","full_name":"ajinabraham/CMSScan","owner":"ajinabraham","description":"CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues","archived":false,"fork":false,"pushed_at":"2021-05-18T05:25:36.000Z","size":740,"stargazers_count":996,"open_issues_count":4,"forks_count":149,"subscribers_count":37,"default_branch":"master","last_synced_at":"2025-04-03T22:07:34.055Z","etag":null,"topics":["automation","devsecops","drupal","joomla","security","security-dashboard","vbulletin","wordpress"],"latest_commit_sha":null,"homepage":"https://opensecurity.in","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ajinabraham.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":"ajinabraham","custom":["https://paypal.me/ajinabraham"]}},"created_at":"2018-11-15T08:49:22.000Z","updated_at":"2025-04-03T08:21:27.000Z","dependencies_parsed_at":"2022-09-01T14:10:40.592Z","dependency_job_id":null,"html_url":"https://github.com/ajinabraham/CMSScan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajinabraham%2FCMSScan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajinabraham","download_url":"https://codeload.github.com/ajinabraham/CMSScan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248618222,"owners_count":21134199,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","devsecops","drupal","joomla","security","security-dashboard","vbulletin","wordpress"],"created_at":"2024-08-01T09:01:29.918Z","updated_at":"2025-04-12T18:50:30.253Z","avatar_url":"https://github.com/ajinabraham.png","language":"CSS","readme":"# CMSScan\nScan WordPress, Drupal, Joomla, vBulletin websites for Security issues.\n\n[![platform](https://img.shields.io/badge/platform-osx%2Flinux-green.svg)](https://github.com/ajinabraham/CMSScan/)\n[![License](https://img.shields.io/:license-gpl3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0.html)\n[![python](https://img.shields.io/badge/python-3.6-blue.svg)](https://www.python.org/downloads/)\n[![Rawsec's CyberSecurity Inventory](https://inventory.raw.pm/img/badges/Rawsec-inventoried-FF5050_flat.svg)](https://inventory.rawsec.ml/tools.html#CMSScan)\n\nMade with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82e3a63c-4813-11e6-9430-6015d98aeaab.png) in India\n\nCMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.\n\n## Install\n```\n# Requires ruby, ruby-dev, gem, libwww-perl, python3.6+ and git\ngit clone https://github.com/ajinabraham/CMSScan.git\ncd CMSScan\n./setup.sh\n```\n## Run\n\n`./run.sh`\n\n## Periodic Scans\n\nYou can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the `scheduler.py` script.\n\n```\n# SMTP SETTINGS\nSMTP_SERVER = ''\nFROM_EMAIL = ''\nTO_EMAIL = ''\n\n# SERVER SETTINGS\nSERVER = ''\n\n# SCAN SITES\nWORDPRESS_SITES = []\nDRUPAL_SITES = []\nJOOMLA_SITES = []\nVBULLETIN_SITES = []\n```\n\nAdd a cronjob\n\n```\ncrontab -e\n@weekly /usr/bin/python3 scheduler.py\n```\n\n## Basic Auth\n\nBy default there is no authentication. To enable basic auth, configure the following in `app.py` \n\n```\napp.config['BASIC_AUTH_USERNAME'] = 'admin'\napp.config['BASIC_AUTH_PASSWORD'] = 'password'\napp.config['BASIC_AUTH_FORCE'] = True\n```\n\n## Docker\n\n### Local\n```\ndocker build -t cmsscan .\ndocker run -it -p 7070:7070 cmsscan\n```\n\n### Prebuilt Image\n\n```\ndocker pull opensecurity/cmsscan\ndocker run -it -p 7070:7070 opensecurity/cmsscan\n```\n\n### Screenshots\n\n\n![](https://user-images.githubusercontent.com/4301109/48620839-855c9100-e9c7-11e8-97c6-1e25252d2d01.png)\n![](https://user-images.githubusercontent.com/4301109/48620970-03b93300-e9c8-11e8-9962-714e8fea2c6c.png)\n![](https://user-images.githubusercontent.com/4301109/48670210-cf658400-eb39-11e8-8aad-fa2c2915c42a.png)\n","funding_links":["https://github.com/sponsors/ajinabraham","https://paypal.me/ajinabraham"],"categories":["\u003ca id=\"8f92ead9997a4b68d06a9acf9b01ef63\"\u003e\u003c/a\u003e扫描器\u0026\u0026安全扫描\u0026\u0026App扫描\u0026\u0026漏洞扫描","\u003ca id=\"132036452bfacf61471e3ea0b7bf7a55\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"de63a029bda6a7e429af272f291bb769\"\u003e\u003c/a\u003e未分类-Scanner"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajinabraham%2Fcmsscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fajinabraham%2Fcmsscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajinabraham%2Fcmsscan/lists"}