CMSeeK

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

2,287

498

2,287

View on GitHub

Top Related Projects

wpscan

8,489

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

CMSmap

1,018

CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

commix

4,504

Automated All-in-One OS Command Injection Exploitation Tool.

sqlmap

31,882

Automatic SQL injection and database takeover tool

Quick Overview

CMSeeK is an open-source Content Management System (CMS) detection and exploitation tool. It can accurately detect over 170 CMS types and perform various scans and exploit checks on the target websites. CMSeeK is designed to automate the process of CMS detection and vulnerability assessment.

Pros

Supports a wide range of CMS types (170+)
Includes both detection and exploitation capabilities
Regularly updated with new CMS signatures and exploit modules
User-friendly command-line interface

Cons

May trigger security alerts on target websites due to aggressive scanning
Some exploit modules may be outdated or ineffective against patched systems
Requires careful use to avoid legal issues or unintended damage to target systems
Performance can be slow when scanning multiple targets or using all available modules

Getting Started

To get started with CMSeeK:

Clone the repository:

git clone https://github.com/Tuhinshubhra/CMSeeK.git

Install required dependencies:

cd CMSeeK
pip install -r requirements.txt

Run CMSeeK:
```
python3 cmseek.py
```

For a basic scan of a target website:

python3 cmseek.py -u https://example.com

Note: Always ensure you have proper authorization before scanning or testing any website. Unauthorized scanning may be illegal in some jurisdictions.

Competitor Comparisons

wpscan

8,489

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

Pros of WPScan

Specialized for WordPress, offering deeper and more comprehensive scans
Regularly updated with the latest WordPress vulnerabilities
Supports both CLI and API usage for flexibility

Cons of WPScan

Limited to WordPress only, unlike CMSeeK's multi-CMS support
Requires Ruby installation, which may be less convenient for some users
Can be more resource-intensive for large-scale scans

Code Comparison

WPScan (Ruby):

def scan_headers
  puts 'Scanning headers...'
  # Header scanning logic
end

CMSeeK (Python):

def scan_headers():
    print('Scanning headers...')
    # Header scanning logic

Both tools use similar approaches for header scanning, but WPScan's Ruby implementation may offer performance benefits for WordPress-specific tasks, while CMSeeK's Python code provides greater flexibility for multi-CMS support.

CMSmap

1,018

CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

Pros of CMSmap

Supports a wider range of CMS platforms, including less common ones
Offers more advanced scanning options and customization
Provides detailed vulnerability reports with potential exploits

Cons of CMSmap

Less frequent updates compared to CMSeeK
Requires more technical knowledge to use effectively
May have a steeper learning curve for beginners

Code Comparison

CMSmap:

def fingerprint(self):
    self.fingerprint_cms()
    if self.cms == "wordpress":
        self.fingerprint_wordpress()
    elif self.cms == "joomla":
        self.fingerprint_joomla()
    elif self.cms == "drupal":
        self.fingerprint_drupal()

CMSeeK:

def detect_cms(self):
    for cms in self.cms_list:
        if cms.detect():
            return cms
    return None

CMSmap uses separate functions for each CMS, while CMSeeK employs a more modular approach with a unified detection method. CMSmap's code structure allows for more specific fingerprinting techniques, but CMSeeK's design may be more extensible for adding new CMS support.

Corsy

1,339

CORS Misconfiguration Scanner

Pros of Corsy

Focuses specifically on CORS misconfigurations, providing in-depth analysis
Offers a wider range of CORS-related vulnerability checks
Includes a feature to generate PoC exploits for discovered vulnerabilities

Cons of Corsy

Limited to CORS-related issues, while CMSeeK covers a broader range of CMS vulnerabilities
Less frequent updates and maintenance compared to CMSeeK
Smaller community and fewer contributors

Code Comparison

CMSeeK:

def detect_cms(url):
    for cms in cmss:
        if cms.detect(url):
            return cms.name
    return None

Corsy:

def scan(url):
    headers = get_headers(url)
    if 'Access-Control-Allow-Origin' in headers:
        analyze_cors_policy(headers)

Both tools use Python for their core functionality, but their approaches differ based on their specific purposes. CMSeeK focuses on detecting and fingerprinting various Content Management Systems, while Corsy specializes in analyzing CORS policies and identifying potential misconfigurations.

CMSeeK's code snippet demonstrates its CMS detection logic, iterating through different CMS modules. Corsy's code, on the other hand, shows its focus on CORS-specific header analysis.

commix

4,504

Automated All-in-One OS Command Injection Exploitation Tool.

Pros of commix

Broader scope: Focuses on command injection vulnerabilities across various web applications and systems
More advanced features: Includes automated exploitation and payload generation capabilities
Active development: Regularly updated with new features and vulnerability checks

Cons of commix

Steeper learning curve: Requires more technical knowledge to use effectively
Potentially more false positives: Due to its broader scope, may generate more false positives than CMSeeK
Less specialized: Not specifically tailored for CMS detection and enumeration like CMSeeK

Code comparison

CMSeeK:

def detect_cms(url):
    for cms in cms_list:
        if cms.detect(url):
            return cms.name
    return None

commix:

def inject_payload(url, payload):
    response = requests.get(url + payload)
    if "vulnerable" in response.text:
        return True
    return False

Both projects use Python for their core functionality, but commix focuses on payload injection and exploitation, while CMSeeK emphasizes CMS detection and enumeration. CMSeeK's code is more specialized for CMS identification, while commix's code is designed for broader command injection testing across various web applications.

sqlmap

31,882

Automatic SQL injection and database takeover tool

Pros of sqlmap

More comprehensive SQL injection testing capabilities
Supports a wider range of database management systems
Actively maintained with frequent updates and contributions

Cons of sqlmap

Steeper learning curve due to more complex features
May be considered overkill for simple CMS detection tasks
Requires more system resources to run effectively

Code Comparison

CMSeeK (Python):

def detect_cms(url):
    for cms in cms_list:
        if cms.detect(url):
            return cms.name
    return None

sqlmap (Python):

def sqlmap(url):
    for technique in injection_techniques:
        if technique.test(url):
            return technique.exploit(url)
    return None

While CMSeeK focuses on CMS detection with simpler code structure, sqlmap employs more complex techniques for SQL injection testing and exploitation. CMSeeK is better suited for quick CMS identification, while sqlmap offers more advanced features for comprehensive security assessments of database-driven applications.

nikto

8,312

Nikto web server scanner

Pros of nikto

Broader scope: Scans for various web server vulnerabilities, not limited to CMS
More mature project with longer development history and larger user base
Supports multiple output formats (HTML, CSV, XML) for easy integration

Cons of nikto

Less focused on CMS-specific vulnerabilities compared to CMSeeK
May produce more false positives due to its broader scanning approach
Slower scanning speed, especially for large websites

Code comparison

CMSeeK:

def detect_cms(url):
    for cms in cms_list:
        if cms.detect(url):
            return cms.name
    return None

nikto:

sub scan_host {
    foreach my $plugin (@plugins) {
        $plugin->scan($target);
    }
}

Both tools use a plugin-based architecture for scanning, but CMSeeK focuses specifically on CMS detection and enumeration, while nikto scans for a wider range of web server vulnerabilities. CMSeeK's Python code is more modern and readable, while nikto's Perl codebase may be less accessible to newer developers.

Convert designs to code with AI

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Logo

What is a CMS?

A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc.

Release History

- Version 1.1.3 [25-07-2020]
- Version 1.1.2 [19-05-2019]
- Version 1.1.1 [01-02-2019]
- Version 1.1.0 [28-08-2018]
- Version 1.0.9 [21-08-2018]
- Version 1.0.8 [14-08-2018]
- Version 1.0.7 [07-08-2018]
...

Changelog File

Functions Of CMSeek:

Basic CMS Detection of over 180 CMS
Drupal version detection
Advanced Wordpress Scans
- Detects Version
- User Enumeration
- Plugins Enumeration
- Theme Enumeration
- Detects Users (3 Detection Methods)
- Looks for Version Vulnerabilities and much more!
Advanced Joomla Scans
- Version detection
- Backup files finder
- Admin page finder
- Core vulnerability detection
- Directory listing check
- Config leak detection
- Various other checks
Modular bruteforce system
- Use pre made bruteforce modules or create your own and integrate with it

Requirements and Compatibility:

CMSeeK is built using python3, you will need python3 to run this tool and is compitable with unix based systems as of now. Windows support will be added later. CMSeeK relies on git for auto-update so make sure git is installed.

Installation and Usage:

It is fairly easy to use CMSeeK, just make sure you have python3 and git (just for cloning the repo) installed and use the following commands:

git clone https://github.com/Tuhinshubhra/CMSeeK
cd CMSeeK
pip/pip3 install -r requirements.txt

For guided scanning:

python3 cmseek.py

Else:

python3 cmseek.py -u <target_url> [...]

Help menu from the program:

USAGE:
       python3 cmseek.py (for guided scanning) OR
       python3 cmseek.py [OPTIONS] <Target Specification>

SPECIFING TARGET:
      -u URL, --url URL            Target Url
      -l LIST, --list LIST         Path of the file containing list of sites
                                   for multi-site scan (comma separated or one-per-line)

MANIPULATING SCAN:
      -i cms, --ignore--cms cms    Specify which CMS IDs to skip in order to
                                   avoid flase positive. separated by comma ","

      --strict-cms cms             Checks target against a list of provided
                                   CMS IDs. separated by comma ","

      --skip-scanned               Skips target if it's CMS was previously detected.

RE-DIRECT:
      --follow-redirect            Follows all/any redirect(s)
      --no-redirect                Skips all redirects and tests the input target(s)

USER AGENT:
      -r, --random-agent           Use a random user agent
      --googlebot                  Use Google bot user agent
      --user-agent USER_AGENT      Specify a custom user agent

OUTPUT:
      -v, --verbose                Increase output verbosity

VERSION & UPDATING:
      --update                     Update CMSeeK (Requires git)
      --version                    Show CMSeeK version and exit

HELP & MISCELLANEOUS:
      -h, --help                   Show this help message and exit
      --clear-result               Delete all the scan result
      --batch                      Never ask you to press enter after every site in a list is scanned

EXAMPLE USAGE:
      python3 cmseek.py -u example.com                           # Scan example.com
      python3 cmseek.py -l /home/user/target.txt                 # Scan the sites specified in target.txt (comma separated)
      python3 cmseek.py -u example.com --user-agent Mozilla 5.0  # Scan example.com using custom user-Agent Mozilla is 5.0 used here
      python3 cmseek.py -u example.com --random-agent            # Scan example.com using a random user-Agent
      python3 cmseek.py -v -u example.com                        # enabling verbose output while scanning example.com

Checking For Update:

You can check for update either from the main menu or use python3 cmseek.py --update to check for update and apply auto update.

P.S: Please make sure you have git installed, CMSeeK uses git to apply auto update.

Detection Methods:

CMSeek detects CMS via the following:

HTTP Headers
Generator meta tag
Page source code
robots.txt
Directory check

Supported CMSs:

CMSeeK currently can detect 170+ CMS. Check the list here: cmss.py file which is present in the cmseekdb directory. All the cmss are stored in the following way:

 cmsID = {
   'name':'Name Of CMS',
   'url':'Official URL of the CMS',
   'vd':'Version Detection (0 for no, 1 for yes)',
   'deeps':'Deep Scan (0 for no 1 for yes)'
 }

Scan Result:

All of your scan results are stored in a json file named cms.json, you can find the logs inside the Result\<Target Site> directory, and as of the bruteforce results they're stored in a txt file under the site's result directory as well.

Here is an example of the json report log:

Json Log

Bruteforce Modules:

CMSeek has a modular bruteforce system meaning you can add your custom made bruteforce modules to work with cmseek. A proper documentation for creating modules will be created shortly but in case you already figured out how to (pretty easy once you analyze the pre-made modules) all you need to do is this:

Add a comment exactly like this # <Name Of The CMS> Bruteforce module. This will help CMSeeK to know the name of the CMS using regex
Add another comment ### cmseekbruteforcemodule, this will help CMSeeK to know it is a module
Copy and paste the module in the brutecms directory under CMSeeK's directory
Open CMSeeK and Rebuild Cache using R as the input in the first menu.
If everything is done right you'll see something like this (refer to screenshot below) and your module will be listed in bruteforce menu the next time you open CMSeeK.

Cache Rebuild Screenshot

Need More Reasons To Use CMSeeK?

If not anything you can always enjoy exiting CMSeeK (please don't), it will bid you goodbye in a random goodbye message in various languages.

Also you can try reading comments in the code those are pretty random and weird!!!

Screenshots:

Main Menu

Scan Result

WordPress Scan Result

Guidelines for opening an issue:

Please make sure you have the following info attached when opening a new issue:

Target
Exact copy of error or screenshot of error
Your operating system and python version

Issues without these informations might not be answered!

Disclaimer:

Usage of CMSeeK for testing or exploiting websites without prior mutual consistency can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.

License:

CMSeeK is licensed under GNU General Public License v3.0

Follow Me @r3dhax0r:

Twitter

Top Related Projects

Convert designs to code with AI

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot