A plugin-based scanner that aids security researchers in identifying issues with several CMS. (https://github.com/droope/droopescan)

Supported CMS are:

  • SilverStripe
  • WordPress
  • Drupal

Partial functionality for:

  • Joomla (version enumeration and interesting URLs only)
  • Moodle (plugin & theme very limited, watch out)

How to use

1. Download the application

  • git clone https://github.com/droope/droopescan.git
  • cd droopescan
  • ls

2. Install all dependencies

  • pip3 install -r requirements.txt

3. You may also need to install dscan

  • pip3 install dscan

4. Run the application now. Display basic help

-h, --help = show this help message and exit

  • python3.9 droopescan -h

5. Show scan options

droopescan scan --help

  • python3.9 droopescan scan --help

6. Run a basic scan

  • python3.9 droopescan scan drupal -u