Tool and Usage
Why this tool?
CMSmap helps saving time in the process of detecting what CMS is used for a given web application. It performs reconnaissance and can do additional vulnerability scanning.
How it works
CMSmap scans a web application by looking at HTTP headers and returned HTML code. Upon detection of the used CMS, the tool will start more specific tests for that CMS. It may go for the detection of particular themes, user names, or plugins.
Usage and audience
CMSmap is commonly used for application testing, information gathering, vulnerability scanning, or web application analysis. Target users for this tool are pentesters, security professionals, and system administrators.
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 500 contributors
- + The source code of this software is available
- - No releases on GitHub available
- - No updates for a while
Supported operating systems
CMSmap is known to work on Linux.
To use CMSmap, install it via the following method below.
git clone https://github.com/Dionach/CMSmap
After installation, check the version number of the program and compare it with the one on this page. Be aware of versions that are outdated, as they may contain bugs or even security vulnerabilities.
Similar tools to CMSmap:
CMSeeK is a security scanner for content management systems (CMS) and used for security assessments. Read how it works in this review.
Vane is a forked project of the now non-free popular WordPress vulnerability scanner WPScan.
Th3inspector is an information gathering tool to collect information about domains, DNS, web applications, and more. It may be used for security assessments.
This tool page was updated at . Found an improvement? Help the community by submitting an update.