This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Joomla Vulnerability Scanner Usage

Revision as of 23:40, 8 March 2018 by Rezasp (talk | contribs)

Jump to: navigation, search
    Usage: [options]
   --url | -u <URL>                         |   The Joomla URL/domain to scan.
   --enumerate-components          | -ec    |   Try to enumerate components.
   --cookie <String>                       |   Set cookie.
   --user-agent | -a <user-agent>   |   Use the specified User-Agent.
   --random-agent | -r                   |   Use a random User-Agent.
   --timeout <time-out>                  |   set timeout.
   --about                                      |   About Author
   --update                                    |   Update to the latest version.
   --help | -h                                 |   This help screen.
   --version                                   |   Output the current version and exit.

Do default checks:
        perl -u  
        perl --url
Check: check
         This option will check if the scanner update is available or not.
Update: update
         This option will check and update the local database if newer
         version is available.
Download: download
          - Download the scanner latest version as a single zip file -
Defense: defense
         This option will give you a defensive note.
About: story
         This option will give you a short story about joomscan.
Read: read DOCFILE
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project