[WEB SECURITY] Joomla security scanner

ken Johnson cktricky at gmail.com
Tue Sep 27 12:16:59 EDT 2011


The Web Exploitation Framework will concentrate on picking up where other
Joomla Scanners left off after we complete the next major release (roadmap).
Until that point....... BlindElephant and Joomscan are the only two tools
I've had any success with.



2011/9/27 Miguel González Castaños <miguel_3_gonzalez at yahoo.es>

> Dear all,
>  A long time ago I asked for a vulnerability scanner for Joomla. I admin a
> Joomla site and I'll to keep an eye on security.
>  Someone provided me this OWASP project:
> https://www.owasp.org/index.**php/Category:OWASP_Joomla_**
> Vulnerability_Scanner_Project#**tab=Project_Information<https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project#tab=Project_Information>
>  which apparently has been abandoned. I recall an email from the author
> saying he didn't have time to continue support this. I also tried the tool
> and gave me a bunch of false positives. I asked the author and sent the info
> to review it, but I never got an answer.
>  Anyway, what Joomla admins do to check security on their sites?
>  Thanks,
>  Miguel
> ______________________________**_________________
> The Web Security Mailing List
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/**websecurity.rss<http://www.webappsec.org/rss/websecurity.rss>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/**83336/4B20E4374DBA<http://www.linkedin.com/e/gis/83336/4B20E4374DBA>
> WASC on Twitter
> http://twitter.com/wascupdates
> websecurity at lists.webappsec.**org <websecurity at lists.webappsec.org>
> http://lists.webappsec.org/**mailman/listinfo/websecurity_**
> lists.webappsec.org<http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110927/572a8b8e/attachment-0003.html>

More information about the websecurity mailing list