Category:OWASP Joomla Vulnerability Scanner Project - Roadmap

As Joomla! is probably the most CMS out there, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity. It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS. To my experience, security testing on Joomla! web application requires pentester to look back the published vulnerabilities and if free, move on to generic testing. If we do only generic testing, we might miss a lot because it needs the knowledge of Joomla! application - its vulnerabilities in what version, what components are vulnerable in what version, what common security mistakes that web masters make ...etc.