WhatCMS.sh

CMS Detection and Exploit Kit based on Whatcms.org API.

Introduction

Whatcms.sh can currently detect the use of more than 330 different CMS applications and services to later indicate a list of valid security audit tools for the detected CMS.

You need the whatcms.org API to use the tool:

• Get API key

Use

Usage: ./whatcms.sh example.com

-h          Display help message
-wh         Check hosting details
--tools     Display tools information

Information

Detected CMSs

CMS list

Included tools

TOOLS	UTILITY	REPO URL
Dumb0	Username Scrapper Tool	https://github.com/0verl0ad/Dumb0/
CMSsc4n	Identify Tool	https://github.com/n4xh4ck5/CMSsc4n
Puppet	Identify Tool	https://github.com/Poil/puppet-websites-facts
pyfiscan	Identify Tool	https://github.com/fgeek/pyfiscan
XAttacker	Exploit Tool	https://github.com/Moham3dRiahi/XAttacker
beecms	Exploit Tool	https://github.com/CHYbeta/cmsPoc
CMSXPL	Exploit Tool	https://github.com/tanprathan/CMS-XPL
JMassExploiter	Exploit Tool	https://github.com/anarcoder/JoomlaMassExploiter
WPMassExploiter	Exploit Tool	https://github.com/anarcoder/WordPressMassExploiter
CMSExpFram	Exploit Tool	https://github.com/Q2h1Cg/CMS-Exploit-Framework
LotusXploit	Exploit Tool	https://github.com/Hood3dRob1n/LotusCMS-Exploit
BadMod	Exploit Tool	https://github.com/MrSqar-Ye/BadMod
M0B	Exploit Tool	https://github.com/mobrine-mob/M0B-tool
LetMeFuckIt	Exploit Tool	https://github.com/onthefrontline/LetMeFuckIt-Scanner
magescan	Exploit Tool	https://github.com/steverobbins/magescan
PRESTA	Exploit Tool	https://github.com/AlisamTechnology/PRESTA-modules-shell-exploit
EktronE	Exploit Tool	https://github.com/tomkallo/Ektron_CMS_8.02_exploit
XBruteForcer	Brute Force Tool	https://github.com/Moham3dRiahi/XBruteForcer
CoMisSion	Analyze Tool	https://github.com/Intrinsec/comission
droopescan	Analyze Tool	https://github.com/droope/droopescan
CMSmap	Analyze Tool	https://github.com/Dionach/CMSmap
JoomScan	Analyze Tool	https://github.com/rezasp/joomscan
VBScan	Analyze Tool	https://github.com/rezasp/vbscan
JoomlaScan	Analyze Tool	https://github.com/drego85/JoomlaScan
c5scan	Analyze Tool	https://github.com/auraltension/c5scan
T3scan	Analyze Tool	https://github.com/Oblady/T3Scan
moodlescan	Analyze Tool	https://github.com/inc0d3/moodlescan
SPIPScan	Analyze Tool	https://github.com/PaulSec/SPIPScan
WPHunter	Analyze Tool	https://github.com/aryanrtm/WP-Hunter
WPSeku	Analyze Tool	https://github.com/m4ll0k/WPSeku
ACDrupal	Analyze Tool	https://github.com/mrmtwoj/ac-drupal
Plown	Analyze Tool	https://github.com/unweb/plown
conscan	Analyze Tool	https://github.com/nullsecuritynet/tools/tree/master/scanner/conscan
CMSScanner	Analyze Tool	https://github.com/CMS-Garden/cmsscanner
cmsExplorer	Analyze Tool	https://code.google.com/archive/p/cms-explorer
WPScan	Analyze Tool	https://github.com/wpscanteam/wpscan
MooScan	Analyze Tool	https://github.com/vortexau/mooscan
Scanners	Analyze Tool	https://github.com/b3o1/Scanners
LiferayScan	Analyze Tool	https://github.com/bcoles/LiferayScan
InfoLeak	Analyze Tool	https://github.com/SIWECOS/InfoLeak-Scanner
joomlavs	Analyze Tool	https://github.com/rastating/joomlavs
WAScan	Analyze Tool	https://github.com/m4ll0k/WAScan
RedHawk	Analyze Tool	https://github.com/Tuhinshubhra/RED_HAWK
HostileSBF	Analyze Tool	https://github.com/nahamsec/HostileSubBruteforcer