This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Joomla Vulnerability Scanner Usage

Revision as of 23:03, 20 August 2009 by D0ubl3 h3lix (talk | contribs)

Jump to: navigation, search
Usage: -u <string> -x proxy:port
        -u <string>      = joomla Url
        -x <string:int>  = proXy to tunnel
        -c <string>      = cookie (name=value;)
        -g "<string>"   = desired useraGent string within "
        -nv              = No Version fingerprinting check
        -nf              = No Firewall detection check
        -nvf/-nfv        = No version+firewall check
        -pe              = Poking version only
                           (and Exit the scanner)
        -ot              = Output to Text file (target-joexploit.txt)
        -oh              = Output to Html file (target-joexploit.htm)
        -vu              = Verbose (output every Url scan)
        -sp              = Show completed Percentage
Example: -pv -u -x localhost:8080          
Check: check
         This option will check if the scanner update is available or not.
Update: update
         This option will check and update the local database if newer
         version is available.
Download: download
          - Download the scanner latest version as a single zip file -
Defense: defense
         This option will give you a defensive note.
About: story
         This option will give you a short story about joomscan.
Read: read DOCFILE
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project