Your ip: 54.161.64.174
Country
Account: anonymous
Free credits left: 40

Pentest-Tools.com

Easy Security Testing


CMS Version Scanner

   
Sample report
URL:
               (ex. http://krebsonsecurity.com/)
CMS Type:
   Wordpress
   Joomla
   Drupal
   Liferay CE

About this tool

Finds the exact version of a Content Management System (CMS) installed on the target website and compares it with the latest version.
Currently supported CMS types are: Wordpress, Joomla, Drupal and Liferay CE.

Knowing the precise version of a CMS can give us a good idea of the exploitability of the target website. If the current version is old, it most probably has old plugins which may contain vulnerabilities. Furthermore, the core CMS itself may contain vulnerabilities in older versions.

The tool is based on an improved and updated version of BlindElephant Web Application Fingerprinter.


Parameters

  • URL: This is the target website that will be fingerprinted. Sometimes blogs can be found at the url /blog and not in the root directory
  • CMS Type: This is the type of CMS that will be scanned for version information. Right now only Wordpress, Drupal, Joomla and Liferay Community Edition are supported.

How it works

The tool has a database of signatures specific to each static file, for each version of supported CMS. It works by trying to access known files located at known locations and comparing the signatures with the ones in the database. The technique is non-invasive.

The database is updated periodically with new signatures of new CMS versions.