Scan WordPress, Drupal, Joomla, vBulletin websites for Security issues.
CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.
Install
# Requires ruby, ruby-dev, gem, python3 and git
git clone https://github.com/ajinabraham/CMSScan.git
cd CMSScan
./setup.shRun
./run.sh
Periodic Scans
You can perform periodic CMS scans with CMSScan. You must run CMSScan server separately and configure the following before running the scheduler.py script.
# SMTP SETTINGS
SMTP_SERVER = ''
FROM_EMAIL = ''
TO_EMAIL = ''# SERVER SETTINGS
SERVER = ''
# SCAN SITES
WORDPRESS_SITES = []
DRUPAL_SITES = []
JOOMLA_SITES = []
VBULLETIN_SITES = []
Add a cronjob
crontab -e
@weekly /usr/bin/python3 scheduler.pyDocker
Local
docker build -t cmsscan .
docker run -it -p 7070:7070 cmsscanPrebuilt Image
docker pull opensecurity/cmsscan
docker run -it -p 7070:7070 opensecurity/cmsscanScreenshots
run.sh error
[2019-10-20 14:48:03 +0000] [1209] [INFO] Starting gunicorn 19.9.0
[2019-10-20 14:48:03 +0000] [1209] [ERROR] Connection in use: (‘0.0.0.0’, 7070)
[2019-10-20 14:48:03 +0000] [1209] [ERROR] Retrying in 1 second.
[2019-10-20 14:48:04 +0000] [1209] [ERROR] Connection in use: (‘0.0.0.0’, 7070)
[2019-10-20 14:48:04 +0000] [1209] [ERROR] Retrying in 1 second.
[2019-10-20 14:48:05 +0000] [1209] [ERROR] Connection in use: (‘0.0.0.0’, 7070)
[2019-10-20 14:48:05 +0000] [1209] [ERROR] Retrying in 1 second.
[2019-10-20 14:48:06 +0000] [1209] [ERROR] Connection in use: (‘0.0.0.0’, 7070)
[2019-10-20 14:48:06 +0000] [1209] [ERROR] Retrying in 1 second.
[2019-10-20 14:48:07 +0000] [1209] [ERROR] Connection in use: (‘0.0.0.0’, 7070)
[2019-10-20 14:48:07 +0000] [1209] [ERROR] Retrying in 1 second.
[2019-10-20 14:48:08 +0000] [1209] [ERROR] Can’t connect to (‘0.0.0.0’, 7070)
Change the port