[TOOL] CMS Explorer



CMS Explorer is designed to reveal the the specific modules, plugins and
themes that various Content Management System (CMS) driven web sites are
running. It can also assist security testing by looking up related
vulnerabilities in osvdb.org, as well as revealing otherwise "hidden"
files available with components.


Features include:
- Support for Wordpress, Drupal, Joomla! and Mambo plugins & themes
- OSVDB.org API search for potential vulnerabilities in found components
- Explore discovered components by getting file lists directly from the
code repo
- Bootstrap a scan proxy (such as Burp) with all found files
- Easy update for newest Drupal/Wordpress components
- Distinct proxy setup for scanning and bootstrapping

Download and Usage: http://code.google.com/p/

More about CMS Explorer:
http://security.sunera.com/2010/03/cms-explorer-or-whats-that-cms-running.html

--
Chris Sullo
http://security.sunera.com/


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------