[WEB SECURITY] Scan Joomla website for vulnerabilities

Wed Mar 23 15:36:15 EDT 2011

Miguel,

I'd suggest you post any questions you have to the project's mail list:
https://lists.owasp.org/mailman/listinfo/owasp-joomla-vulnerability-scanner

Every OWASP project gets a mail list to handle these kind of inquiries.

If the mail list fails, you can try contacting the author directly:
http://www.owasp.org/index.php/User:D0ubl3_h3lix

For the benefit of this list, any OWASP project should have a
"Project Information" tab on the main page for that project.  It will have
general information like project lead, license, mail list link, etc.

Hope that helps.

--
-- Matt Tesauro
OWASP Board Member
OWASP WTE Project Lead
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
http://AppSecLive.org - Community and Download site

On Wed, Mar 23, 2011 at 9:40 AM, Miguel Gonzalez <miguel_3_gonzalez at yahoo.es
> wrote:

> I have downloaded the OWASP Joomla scanner and seems to be fine. However It
> reports some SQL injection vulnerabilities that when I try to run the URL
> provided by the scanner get caught by Joomla as a 404 error so I'm not sure
> how polished this scanner is and how the vulnerability is determined.
>
> Apparently the previous admin setup some security modules in Joomla.
>
> Does anyone know any other Joomla scanner?
>
> Regards,
>
> Miguel
>
>
>
>
>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110323/7fbc7fdd/attachment.html>