This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Joomla Vulnerability Scanner Usage

From OWASP
Revision as of 17:40, 8 March 2018 by Rezasp (talk | contribs)

Jump to: navigation, search
    Usage:	joomscan.pl [options]
   --url | -u <URL>                         |   The Joomla URL/domain to scan.
   --enumerate-components          | -ec    |   Try to enumerate components.
   --cookie <String>                       |   Set cookie.
   --user-agent | -a <user-agent>   |   Use the specified User-Agent.
   --random-agent | -r                   |   Use a random User-Agent.
   --timeout <time-out>                  |   set timeout.
   --about                                      |   About Author
   --update                                    |   Update to the latest version.
   --help | -h                                 |   This help screen.
   --version                                   |   Output the current version and exit.


Do default checks:
        perl joomscan.pl -u www.example.com  
        or
        perl joomscan.pl --url www.example.com
        
Check:   joomscan.pl check
         This option will check if the scanner update is available or not.
Update:  joomscan.pl update
         This option will check and update the local database if newer
         version is available.
Download: joomscan.pl download
          - Download the scanner latest version as a single zip file - joomscan-latest.zip.
Defense: joomscan.pl defense
         This option will give you a defensive note.
About:   joomscan.pl story
         This option will give you a short story about joomscan.
Read:   joomscan.pl read DOCFILE
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project