This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP Joomla Vulnerability Scanner Project

From OWASP
Revision as of 16:59, 8 July 2009 by Paulo Coimbra (talk | contribs)

Jump to: navigation, search

Main

Overview

Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few.So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS.

License

OWASP Joomla Vulnerability Scanner is released under the GNU GENERAL PUBLIC LICENSE Version 3. For further information on OWASP licenses, please consult the OWASP Licenses page.

Downloads

Click Primary Source to download the latest.

Click Secondary Source to download the latest.

Current Features

The following features are currently available.

  • Exact version Probing (the scanner can tell whether a target is running version 1.5.9)
  • Searching known vulnerabilities of Joomla! and its components
  • Reporting to Text & HTML output
  • Immediate update capability via scanner or svn

Advantage over a Generic Vulnerability Scanner

  • Faster because it won't fuzz all requests like a generic scanner
  • Detect the application version when a generic scanner knows nothing
  • Detect all possible published vulnerabilities when a generic scanner cannot

Usage Instructions

Click here for documentation regarding the use of the OWASP Joomla Vulnerability Scanner.

Road Map

Click here to view the road map for the latest development version of OWASP Joomla Vulnerability Scanner. Please feel free to add your own change requests or send me patches/diffs!

Feedback and Participation

We hope you find OWASP Joomla Vulnerability Scanner useful. Please contribute back to the project by sending your comments, questions, and suggestions to joomscan[@]yehg.net. Thank you.

Donations

The Open Web Application Security Project is purely an open-source community driven effort. As such, all projects and research efforts are contributed and maintained with an individual's spare time. If you have found this or any other project useful, please support OWASP with a donation.

Project Sponsors

The OWASP Joomla Vulnerability Scanner project is sponsored by YGN Ethical Hacker Group, Myanmar yehg_logo.gif.


Project Identification


PROJECT INFORMATION
Project Name OWASP Joomla Vulnerability Scanner Project (OJVS)
Short Project Description

A regularly-updated signature-based scanner that can detect file inclusion, sql injection, command execution, XSS, DOS, directory traversal vulnerabilities of a target Joomla! web site.

Key Project Information

Project Leader
Aung Khant

Project Contibutors
None

Mailing List
Subscribe here
Use here

License
GNU GENERAL PUBLIC LICENSE Version 3

Project Type
Tool

Sponsors
YGN Ethical Hacker Group, Myanmar

Release Status Main Links Related Projects

Beta Quality
Please see here for complete information.

yehg.net/lab


Work in Progress

Subcategories

This category has only the following subcategory.