Check your Joomla site for vulnerabilities

OWASP Joomla! Security Scanner is a great security tool to check your Joomla! website for known vulnerabilities and other security issues and be one step ahead of hackers. This tool uses Perl so you need to have it installed on your machine. Most of Linux distributions have it preinstalled.

  • Download Joomscan from sourceforge.net (recommended for latest version) or here.
  • Extract files and upload to your Linux box.
  • Navigate to joomscan-latest
  • run ./joomscan.pl update to update local vulnerabilities database
  • run ./joomscan.pl -u www.yoursite.com -ot
    This will run vulnerabilities scan and save report in joomscan-latest/report folder
  • For other options and commands run ./joomscan.pl

When running joomscan.pl for the first time you may get following or similar error:
Can't locate WWW/Mechanize.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .) at ./joomscan.pl line 2679. 
BEGIN failed--compilation aborted at ./joomscan.pl line 2679

In that case run: apt-get install libtest-www-mechanize-perl

01.2013

 

 

Newsletter

Subscribe to receive occasional updates on new posts.
Your email will not be used for any other purpose and you can unsubscribe at any time.
Please wait