Skip to content

moloch54/CMScan

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

64 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CMScan

CMScan screenshot

CMScan is a unified security scanner for WordPress, Drupal, Joomla, PrestaShop, Shopify, Magento, TYPO3, and OpenCart websites.

No api-key, no limitation
It detects CMS versions, enumerates users, checks for known vulnerabilities, and exports the results to CSV.

Features

  • ✅ Vulnerability checking through:
  • ✅ Detection of sensitive files and paths (wp-config, .git, .env, etc.)
  • ✅ Security header auditing (HSTS, CSP, X-Frame-Options, etc.)
  • ✅ Comprehensive CSV export
  • --host mode support for shared hosting environments
  • ✅ Automatic 403 bypass using User-Agent rotation

Installation

Using the installer (recommended)

git clone https://github.com/moloch54/CMScan
cd CMScan
chmod +x install.sh
./install.sh

Usage

python3 CMScan.py -L target.com