Joomscan is one of the most popular Vulnerability scanner for Joomla CMS. It has so many features like User Friendly, Open Source, Extensibility, Easy to use, Easy to update etc. It will also help web developers and security experts to help identify possible security weakness on their deployed Joomla based sites. You can also save the output into Text and HTML format.
Joomscan is also available on OWASP Project
To know your Joomla Version, please type: lsb_release -a
To know your Joomla Kernel Version, please type: uname -a
Before to install Joomscan, you need to install two packages first i.e. libwww-perl and libwww-mechanize-perl
To install these packages, please type: sudo apt-get install libwww-perl libwww-mechanize-perl
Next, create a blank directory under /opt and download the latest version of Joomscan from sourceforge.net site by typing these commands:
To enter into /opt directory, please type: cd /opt
To download latest version of Joomscan, please type: wget “http://downloads.sourceforge.net/project/joomscan/joomscan/2012-03-10/joomscan-latest.zip?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fjoomscan%2F%3Fsource%3Ddlp&ts=1368806935&use_mirror=ncu” -O joomscan-latest.zip
After download, please move this package(zip file) to newly created directory i.e. joomscan which we just created under /opt.
After that, you have to unzip that downloaded file by typing this command: unzip joomscan-latest.zip
Now to run Joomscan on your terminal, please type this command: perl joomscan.pl -u http://target.com/
As you can see, it will automatically shows you all vulnerabilities on your target site.
You can also update your Joomscan to latest version by typing this command: perl joomscan.pl update
To know more about this Joomla vulnerability scanner, please go through help module by simply typing “joomscan” in your terminal.
For any kind of query, please mail us at firstname.lastname@example.org