CMS detect

Skenery (online):

• https://hackertarget.com/drupal-security-scan/
• https://whatcms.org/
  • https://twitter.com/what_cms
  • https://whatcms.org/Blog/Introducing_Technology_Reports
  • https://addons.mozilla.org/en-US/firefox/addon/what-cms-is-this/
• http://cmsdetect.com/
• https://w3techs.com/sites (also as chrome & ff extension), but only crawled sites by them results
• https://www.cubdomain.com/site/ - taky skor na DNS etc
  • https://alternativeto.net/software/cubdomain/
• https://builtwith.com/axweb.sk
• http://whatcms.ga dont work ?
• https://guess.scritch.org/ downt work ?
• https://toolbar.netcraft.com/site_report?url=axweb.sk some domain/web info
• https://www.sqreen.com/scanner
• https://geekflare.com/drupal-security-scanner/ - list of scanners
• https://sitecheck.sucuri.net/results/allfood.sk
• https://hackertarget.com/drupal-security-scan/
•  

 

Soft:

• https://github.com/droope/droopescan - I use this for scanning in ssh 50.000 domains per day - result is version CMS
• https://polso.info/detect-cms-open-source-php-library-detecting-cms-sites
• https://github.com/Krisseck/Detect-CMS - Detect-CMS (.php)
• https://thehacktoday.com/how-to-detect-cms-running-on-target-website/ - whatweb / CMSmap
• https://github.com/HA71/WhatCMS - need whatcms.org API supscription + tools included in
  • https://whatcms.org/Subscriptions (1.000 API calls free per month / 1call per 10seconds)
  • https://packagist.org/packages/whatcms/whatcms-php - php, need whatcms.org API supscription
  • https://packagist.org/packages/whatcms/who-hosts-this-php need API
  • https://www.yeahhub.com/cms-exploit-kit-detection-whatcms/
• https://github.com/jackpudlar/whatcms - nerozbehal som zatial
• https://github.com/Tuhinshubhra/CMSeeK python, scanning looks per web or need y, y... makes json reports per domain (on drupal showing just X.xx major version :( )
  • https://github.com/Tuhinshubhra/CMSeeK/issues/56#issuecomment-478257682 bug with error (language problem)
•  
• https://nmap.org/nsedoc/scripts/http-drupal-enum.html (just installed themes and modules, without version)
•  
• https://github.com/immunIT/drupwn 
•  
• https://inventory.rawsec.ml/tools.html#CMSeek
•  
• https://www.yeahhub.com/free-seo-analysis-websites-2019/ 
• https://www.yeahhub.com/top-dns-lookup-websites-2019-compilation/
• https://www.yeahhub.com/useful-commands-tools-oscp/ some other scanning tools (port, etc..)
• https://www.yeahhub.com/top-10-popular-bruteforce-hacking-tools-2019/

 

Sources:

• https://polso.info/crawling-top-15000-drupal-websites
• https://www.exploit-db.com/exploits/29290 - exploits database
• https://rescan.io/plans/ - zoznam vsetkych drupalov za 50€
  • https://rescan.io/technology/drupal/
  • https://pro.builtwith.com/ podobne ale drahsie
• https://securityonline.info/category/penetration-testing/webapp-pentest/web-information-gathering/ - zoznam toolov
• https://devnet.kentico.com/articles/the-ultimate-guide-to-identifying-which-cms-is-used-on-a-website
• https://builtwith.com/axweb.sk
• https://www.wpblog.com/cms-detectors-to-identify-platform-theme-plugins/
• https://www.drupal.org/SA-CORE-2014-005 
• https://stackify.com/what-is-load-testing/
• https://securityonion.net/
• https://www.xshellz.com/ ?
• https://www.drupal.org/project/siteimprove 
• https://www.faichi.com/blog/how-conduct-drupal-website-audit