WPScan
WPScan is the definitive WordPress vuln scanner that probes for outdated cores, plugins, and themes against CVE feeds, with API integration for aggressive enumeration of users or configs. Run its Ruby CLI on sites with --api-token for authenticated scans, outputting JSON for reports on exploitable weaknesses. Open-source from wpscanteam, it's the WP watchdog for pentesters templating CMS audits with precision.
Droopescan
Droopescan is the Drupal-specific crawler that fingerprints versions and modules, matching against known vulns for targeted scans on core or contrib exposures. Launch its Python script on targets with --scan-modules for deep dives, exporting results for manual exploits. Open-source from Drupal, it's the module mapper for Drupal defenders fuzzing CMS weaknesses.
JoomScan
JoomScan is the Joomla vuln detector that scans for component weaknesses and version disclosures, leveraging a signature DB for known exploits in extensions. Run the Perl CLI on sites for detailed reports on paths like /administrator for admin vulns. Open-source from OWASP, it's the Joomla janitor for web pentesters cleaning up CMS holes.
CMSmap
CMSmap is the multi-CMS scanner for WordPress, Joomla, Drupal, and Moodle, fuzzing paths and params for known vulns with automated exploitation attempts. Fire up its Python CLI on scopes for module-based attacks, logging successes for follow-through. Open-source from auditf, it's the CMS cartographer for pentesters mapping multiple platforms in one sweep.
Plecost
Plecost is the WordPress plugin enumerator that fingerprints installed extensions via version disclosure, matching against CVE DB for exploitable vulns in active setups. Scan via Python CLI with --plugins for targeted lists, exporting POC links for exploits. Open-source from CesarSacha, it's the plugin profiler for WP auditors spotting outdated risks.
Nuclei CMS Templates
Nuclei CMS Templates use YAML rules to scan for CMS-specific CVEs like WordPress plugin flaws or Drupal core exploits, templating requests for passive/active detection. Clone the pack, run via Nuclei CLI on sites for matched templates with severity tags. Open-source from projectdiscovery, it's the template tracker for pentesters hunting CMS vulns with modular signatures.
Vane
Vane is the CMS vuln scanner for WordPress and Joomla, crawling for version info and testing common exploits with modular checks for plugin weaknesses. Deploy its Python framework on targets, configuring modules for focused scans and reports. Open-source from 0x09AL, it's the CMS crawler for web security pros templating multi-platform assessments.
WPForce
WPForce is the brute-forcer for WordPress users and plugins, wordlisting logins or enumerating active extensions against vuln DB for targeted attacks. Run its Python CLI with dicts for credential sprays or plugin lists. Open-source from z prying, it's the WP warrior for pentesters templating auth and extension hunts in CMS perimeters.
JoomLatta
JoomLatta is the Joomla extension scanner that fingerprints components and tests for known vulns via path fuzzing and version checks in admin panels. Launch the Python script on sites for module reports, chaining with Metasploit for exploits. Open-source from community, it's the Joomla juggernaut for auditors templating extension exposures.
Drupalgeddon Scanner

