This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Joomla Vulnerability Scanner Usage
From OWASP
Usage: joomscan.pl [options] --url | -u <URL> | The Joomla URL/domain to scan. --enumerate-components | -ec | Try to enumerate components. --cookie <String> | Set cookie. --user-agent | -a <user-agent> | Use the specified User-Agent. --random-agent | -r | Use a random User-Agent. --timeout <time-out> | set timeout. --about | About Author --update | Update to the latest version. --help | -h | This help screen. --version | Output the current version and exit.
Do default checks: perl joomscan.pl -u www.example.com or perl joomscan.pl --url www.example.com
Enumerate installed components: perl joomscan.pl --url www.example.com --enumerate-components or perl joomscan.pl -u www.example.com --ec
Set cookie: perl joomscan.pl --url www.example.com --cookie "test=demo;"
Set user-agent: perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)" or perl joomscan.pl -u www.example.com -a "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
Set random user-agent: perl joomscan.pl -u www.example.com --random-agent or perl joomscan.pl --url www.example.com -r
Update Joomscan: perl joomscan.pl --update