{"id":13844654,"url":"https://github.com/rastating/joomlavs","last_synced_at":"2025-07-12T00:31:02.118Z","repository":{"id":149119135,"uuid":"39354182","full_name":"rastating/joomlavs","owner":"rastating","description":"A black box, Ruby powered, Joomla vulnerability scanner","archived":true,"fork":false,"pushed_at":"2018-07-05T23:21:58.000Z","size":360,"stargazers_count":272,"open_issues_count":3,"forks_count":87,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-08-05T17:42:42.546Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rastating.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2015-07-20T00:14:13.000Z","updated_at":"2024-07-01T18:53:28.000Z","dependencies_parsed_at":"2023-05-05T02:32:26.173Z","dependency_job_id":null,"html_url":"https://github.com/rastating/joomlavs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fjoomlavs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fjoomlavs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fjoomlavs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rastating%2Fjoomlavs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rastating","download_url":"https://codeload.github.com/rastating/joomlavs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225772719,"owners_count":17521876,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:02:50.399Z","updated_at":"2024-11-21T17:30:40.331Z","avatar_url":"https://github.com/rastating.png","language":"Ruby","funding_links":[],"categories":["Ruby (88)","Ruby"],"sub_categories":[],"readme":"# joomlavs [![Build Status](https://travis-ci.org/rastating/joomlavs.svg?branch=master)](https://travis-ci.org/rastating/joomlavs) [![Coverage Status](https://coveralls.io/repos/github/rastating/joomlavs/badge.svg?branch=development)](https://coveralls.io/github/rastating/joomlavs?branch=development) [![Code Climate](https://codeclimate.com/github/rastating/joomlavs/badges/gpa.svg)](https://codeclimate.com/github/rastating/joomlavs)\nA black box, Ruby powered, Joomla vulnerability scanner\n\n## What is it?\nJoomlaVS is a Ruby application that can help automate assessing how vulnerable a Joomla installation is to exploitation. It supports basic finger printing and can scan for vulnerabilities in components, modules and templates as well as vulnerabilities that exist within Joomla itself.\n\n## How to install\nJoomlaVS has so far only been tested on Debian, but the installation process should be similar across most operating systems.\n\n1. Ensure Ruby [2.4.4 or above] is installed on your system\n2. Clone the source code using ```git clone https://github.com/rastating/joomlavs.git```\n3. Install bundler and required gems using ```gem install bundler \u0026\u0026 bundle install```\n\n## Troubleshooting Installation\nIf you have issues installing JoomlaVS' dependencies (in particular, Nokogiri), first make sure you have all the tooling necessary to compile C extensions:\n\n```\nsudo apt-get install build-essential patch\n```\n\nIt’s possible that you don’t have important development header files installed on your system. Here’s what you should do if you should find yourself in this situation:\n\n```\nsudo apt-get install ruby-dev zlib1g-dev liblzma-dev libcurl4-openssl-dev\n```\n\n## How to use\nThe only required option is the ```-u``` / ```--url``` option, which specifies the address to target. To do a full scan, however, the ```--scan-all``` option should also be specified, e.g. ```ruby joomlavs.rb -u yourjoomlatarget.com --scan-all```.\n\nA full list of options can be found below:\n\n```\nusage: joomlavs.rb [options]\nBasic options\n    -u, --url              The Joomla URL/domain to scan.\n    --basic-auth           \u003cusername:password\u003e The basic HTTP authentication credentials\n    -v, --verbose          Enable verbose mode\nEnumeration options\n    -a, --scan-all         Scan for all vulnerable extensions\n    -c, --scan-components  Scan for vulnerable components\n    -m, --scan-modules     Scan for vulnerable modules\n    -t, --scan-templates   Scan for vulnerable templates\n    -q, --quiet            Scan using only passive methods\nAdvanced options\n    --disable-tls-checks   Disable SSL/TLS certificate verification.\n    --follow-redirection   Automatically follow redirections\n    --no-colour            Disable colours in output\n    --proxy                \u003c[protocol://]host:port\u003e HTTP, SOCKS4 SOCKS4A and SOCKS5 are supported. If no protocol is given, HTTP will be used\n    --proxy-auth           \u003cusername:password\u003e The proxy authentication credentials\n    --threads              The number of threads to use when multi-threading requests\n    --user-agent           The user agent string to send with all requests\n```\n\n## License\nCopyright (C) 2015-2018 rastating\n\nRunning JoomlaVS against websites without prior mutual consent may be illegal in your country. The author and parties involved in its development accept no liability and are not responsible for any misuse or damage caused by JoomlaVS.\n\nThis program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\n\nThis program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License along with this program.  If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frastating%2Fjoomlavs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frastating%2Fjoomlavs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frastating%2Fjoomlavs/lists"}