Enumeración de CMS

Wordpress

Enumeración de temas y plugins Wordpress

Nmap

nmap -p80 --script http-wordpress-enum --script-args http-wordpress-enum.root='/wordpress',search-limit=1000 remote.nyx

Wpscan

wpscan --url http://192.168.1.10/wordpress --api-token $WP_TOKEN --plugins-detection aggressive

La variable de entorno $WP_TOKEN contiene el token generado en la web https://wpscan.com/

Nuclei

nuclei -u http://remote.nyx/wordpress/ -tags fuzz -t /home/d4redevil/.local/nuclei-templates/http/fuzzing/wordpress-plugins-detect.yaml

Gobuster

gobuster dir -u http://remote.nyx/wordpress/ -w /usr/share/seclists/Discovery/WebContent/CMS/wp-plugins.fuzz.txt

Joomla

joomscan

joomscan -u http://192.168.1.10

Drupal

droopescan

droopescan scan drupal -u http://example.org/ -t 32

Magento

magescan

php magescan.phar scan:all <https://example.com>