Perform a Joomla security assessment by finding vulnerabilities in Joomla core, components, modules and templates.
Joomla Penetration Testing
Decrease the time spent on your penetration tests using this scanner. It is already installed, configured and ready-to-go. Use it to quickly discover Joomla vulnerabilities.
Check if your own installation of Joomla is updated and properly configured. Enumerate your existing Joomla components, modules, templates and verify if they are at the latest version.
Third-Party Website Audit
If you are a web development company, you can also show this report to your clients and prove that you have implemented the proper security measures in the Joomla website.
The scanner attempts to identify security weaknesses in the target Joomla website (core, components, modules and templates).
It performs a remote scan, without authentication, using a black-box approach. This simulates an external attacker who tries to penetrate the target Joomla website.
The Joomla Vulnerability Scanner performs the following operations to assess the security of the target website:
Detect the installed Joomla version
Show the vulnerabilities which affect the identified Joomla version
Enumerate installed components and their versions
Show the vulnerabilities for the identified components
Enumerate the installed modules and their versions
Show the vulnerabilities for the identified modules
Enumerate the installed templates and their versions
Show the vulnerabilities for the identified templates
The scanner is based on the well known JoomlaVS scanning tool.
This is the URL of the Joomla website that will be scanned. All URLs must start with 'http' or 'https'. Don't forget to specify the complete path to the base directory of the Joomla installation. Ex. http://targetjoomla.com/cms/.
How it works
The scanner connects to the target Joomla website and retrieves information from the HTML pages in order to fingerprint the Joomla version.
The enumeration of components, modules and templates is actively done by trying multiple known names.
The tool extracts the vulnerability information from a frequently updated database and includes them in the final report together with references for vulnerability details.
This tool costs 50 credits but you have 40 credits left.