CMSeeK is a CMS detection and exploitation suite where you can Scan WordPress, Joomla, Drupal and 100 other CMSs. CMS or content management system manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment.
Also Read GitMiner – Tool For Advanced Mining For Content On Github
It is fairly easy to use CMSeeK, just make sure you have python3 and git (just for cloning the repo) installed and use the following commands:
git clone https://github.com/Tuhinshubhra/CMSeeK cd CMSeeK
For guided scanning:
python3 cmseek.py
Else:
python3 cmseek.py -u <target_url> [...]
Help menu from the program:
USAGE:
python3 cmseek.py (for a guided scanning) OR
python3 cmseek.py [OPTIONS] <Target Specification>
SPECIFING TARGET:
-u URL, --url URL Target Url
-l LIST, -list LIST path of the file containing list of sites
for multi-site scan (comma separated)
USER AGENT:
-r, --random-agent Use a random user agent
--user-agent USER_AGENT Specify custom user agent
OUTPUT:
-v, --verbose Increase output verbosity
VERSION & UPDATING:
--update Update CMSeeK (Requires git)
--version Show CMSeeK version and exit
HELP & MISCELLANEOUS:
-h, --help Show this help message and exit
--clear-result Delete all the scan result
EXAMPLE USAGE:
python3 cmseek.py -u example.com # Scan example.com
python3 cmseek.py -l /home/user/target.txt # Scan the sites specified in target.txt (comma separated)
python3 cmseek.py -u example.com --user-agent Mozilla 5.0 # Scan example.com using custom user-Agent Mozilla is 5.0 used here
python3 cmseek.py -u example.com --random-agent # Scan example.com using a random user-Agent
python3 cmseek.py -v -u example.com # enabling verbose output while scanning example.com
CMSeek detects CMS via the following:
Usage of CMSeeK for testing or exploiting websites without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…