Droopescan- plugin-based scanner for Drupal & Silverstripe
Web application scanning is very important to identify vulnerabilities and security gaps that allow a hacker to compromise the web servers. Today we have several open source tools that help to make a verification on content management system like Droopescan.
Droopescan is a plugin-based scanner that help security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe. the scanner is python based that make 4 type of security testing:
- Plugin checks: Performs several thousand HTTP requests and returns a listing of all plugins found to be installed in the target host.
- Theme checks: As above, but for themes.
- Version checks: Downloads several files and, based on the checksums of these files, returns a list of all possible versions.
- Interesting url checks: Checks for interesting urls (admin panels, readme files, etc.)
The application support the authenticated scans to have a better results while crawling the target.
You can read more and download Droopescan over this link: https://github.com/droope/droopescan