A plugin-based scanner that aids security researchers in identifying issues with several CMS. (https://github.com/droope/droopescan)

Supported CMS are:

• SilverStripe
• WordPress
• Drupal

Partial functionality for:

• Joomla (version enumeration and interesting URLs only)
• Moodle (plugin & theme very limited, watch out)

How to use

1. Download the application

• git clone https://github.com/droope/droopescan.git
• cd droopescan
• ls

2. Install all dependencies

• pip3 install -r requirements.txt

3. You may also need to install dscan

• pip3 install dscan

4. Run the application now. Display basic help

-h, –help = show this help message and exit

• python3.9 droopescan -h

5. Show scan options

droopescan scan –help

• python3.9 droopescan scan –help

6. Run a basic scan

• python3.9 droopescan scan drupal -u http://192.168.0.119