Search the Community

Introduction CMSeeK is a CMS detection and exploitation tool, written in Python3, capable of scanning numerous content management systems including WordPress, Joomla, Drupal, etc. It allows you to run both simple CMS detection and deep scans, as well as multisite scans. Currently it can be ran on any Unix-based system (Linux, OS X), but soon it’ll be available for Windows, too. Features: CMSeeK can perform basic CMS detection: for plenty of different CMS (150+). Capable of advanced WordPress scans: plugins, user and theme enumeration; version and user detection (3 different detection modes); version vulnerabilities detection, etc. Beside WordPress version detection, it can detect Drupal version. Capable of Advanced Joomla scans: admin page and backup files finder; core vulnerability and config leak detection; directory listing checks, etc. It has modular brute-force system: you can use pre made or create your own modules and integrate it within CMSeeK system. And so much more. Version 1.1.3 updates: Release Date: 25th July 2020 Added new CMS: Smartstore Solusquare Commerce Cloud Spree Brightspot CMS Amiro.CMS Weebly ekmPowershop GoDaddy Website Builder WHMCS Zen Cart OpenNemas CMS IPO CMS Version detection added for: Amiro.CMS GoDaddy Website Builder Added WordPress Bruteforce via XML-RPC improved logging for joomla scans improved logging for WordPress deep scan Switched to wpvulns.com for wordpress vulnerabilities Added --light-scan argument Added (--only-cms, -o) argument [hide][Hidden Content]]