Home

Awesome

WhatCMS.sh

CMS Detection and Exploit Kit based on Whatcms.org API.

Introduction

Whatcms.sh can currently detect the use of more than 330 different CMS applications and services to later indicate a list of valid security audit tools for the detected CMS.

You need the whatcms.org API to use the tool:

Use

Usage: ./whatcms.sh example.com

-h          Display help message
-wh         Check hosting details
--tools     Display tools information

alt

Information

Detected CMSs

CMS list

Included tools

TOOLSUTILITYREPO URL
Dumb0Username Scrapper Toolhttps://github.com/0verl0ad/Dumb0/
CMSsc4nIdentify Toolhttps://github.com/n4xh4ck5/CMSsc4n
PuppetIdentify Toolhttps://github.com/Poil/puppet-websites-facts
pyfiscanIdentify Toolhttps://github.com/fgeek/pyfiscan
XAttackerExploit Toolhttps://github.com/Moham3dRiahi/XAttacker
beecmsExploit Toolhttps://github.com/CHYbeta/cmsPoc
CMSXPLExploit Toolhttps://github.com/tanprathan/CMS-XPL
JMassExploiterExploit Toolhttps://github.com/anarcoder/JoomlaMassExploiter
WPMassExploiterExploit Toolhttps://github.com/anarcoder/WordPressMassExploiter
CMSExpFramExploit Toolhttps://github.com/Q2h1Cg/CMS-Exploit-Framework
LotusXploitExploit Toolhttps://github.com/Hood3dRob1n/LotusCMS-Exploit
BadModExploit Toolhttps://github.com/MrSqar-Ye/BadMod
M0BExploit Toolhttps://github.com/mobrine-mob/M0B-tool
LetMeFuckItExploit Toolhttps://github.com/onthefrontline/LetMeFuckIt-Scanner
magescanExploit Toolhttps://github.com/steverobbins/magescan
PRESTAExploit Toolhttps://github.com/AlisamTechnology/PRESTA-modules-shell-exploit
EktronEExploit Toolhttps://github.com/tomkallo/Ektron_CMS_8.02_exploit
XBruteForcerBrute Force Toolhttps://github.com/Moham3dRiahi/XBruteForcer
CoMisSionAnalyze Toolhttps://github.com/Intrinsec/comission
droopescanAnalyze Toolhttps://github.com/droope/droopescan
CMSmapAnalyze Toolhttps://github.com/Dionach/CMSmap
JoomScanAnalyze Toolhttps://github.com/rezasp/joomscan
VBScanAnalyze Toolhttps://github.com/rezasp/vbscan
JoomlaScanAnalyze Toolhttps://github.com/drego85/JoomlaScan
c5scanAnalyze Toolhttps://github.com/auraltension/c5scan
T3scanAnalyze Toolhttps://github.com/Oblady/T3Scan
moodlescanAnalyze Toolhttps://github.com/inc0d3/moodlescan
SPIPScanAnalyze Toolhttps://github.com/PaulSec/SPIPScan
WPHunterAnalyze Toolhttps://github.com/aryanrtm/WP-Hunter
WPSekuAnalyze Toolhttps://github.com/m4ll0k/WPSeku
ACDrupalAnalyze Toolhttps://github.com/mrmtwoj/ac-drupal
PlownAnalyze Toolhttps://github.com/unweb/plown
conscanAnalyze Toolhttps://github.com/nullsecuritynet/tools/tree/master/scanner/conscan
CMSScannerAnalyze Toolhttps://github.com/CMS-Garden/cmsscanner
cmsExplorerAnalyze Toolhttps://code.google.com/archive/p/cms-explorer
WPScanAnalyze Toolhttps://github.com/wpscanteam/wpscan
MooScanAnalyze Toolhttps://github.com/vortexau/mooscan
ScannersAnalyze Toolhttps://github.com/b3o1/Scanners
LiferayScanAnalyze Toolhttps://github.com/bcoles/LiferayScan
InfoLeakAnalyze Toolhttps://github.com/SIWECOS/InfoLeak-Scanner
joomlavsAnalyze Toolhttps://github.com/rastating/joomlavs
WAScanAnalyze Toolhttps://github.com/m4ll0k/WAScan
RedHawkAnalyze Toolhttps://github.com/Tuhinshubhra/RED_HAWK
HostileSBFAnalyze Toolhttps://github.com/nahamsec/HostileSubBruteforcer