• Stars
    star
    164
  • Rank 230,032 (Top 5 %)
  • Language
    Python
  • License
    MIT License
  • Created over 3 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files

🦁 Juumla




🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.


⚑ Installing / Getting started

A quick guide on how to install and use Juumla.

1. Clone the repository - git clone https://github.com/oppsec/juumla.git
2. Install the libraries - pip3 install -r requirements.txt
3. Run Juumla - python3 main.py -u https://example.com

🐳 Docker

If you want to run Juumla in a Docker container, follow these commands:

1. Clone the repository - git clone https://github.com/oppsec/juumla.git
2. Build the image - sudo docker build -t juumla:latest .
3. Run container - sudo docker run juumla:latest



βš™οΈ Pre-requisites

  • Python 3 installed on your machine.
  • Install the libraries with pip3 install -r requirements.txt



✨ Features

  • Fast scan
  • Low RAM and CPU usage
  • Detect Joomla version
  • Find config and backup files
  • Scan for vulnerabilities based on the Joomla version
  • Open-Source



πŸ“š To-Do

  • Update vulnerabilities database
  • Improve Joomla detection methods
  • Improve code optimization



πŸ”¨ Contributing

A quick guide on how to contribute to the project.

1. Create a fork from Juumla repository
2. Download the project with git clone https://github.com/your/juumla.git
3. Make your changes
4. Commit and makes a git push
5. Open a pull request



⚠️ Warning

  • The developer is not responsible for any malicious use of this tool.

More Repositories

1

Pinkerton

πŸ•΅οΈ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python
Python
280
star
2

Apepe

πŸ“² Enumerate information from an app based on the APK file
Python
113
star
3

tomcter

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.
Python
100
star
4

Ozzy

[abandoned] πŸ‘ Ozzy is a dark omnipotent theme for IDA, Git Bash, Sublime, Visual Studio Code etc...
CSS
26
star
5

WSOB

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
Python
26
star
6

Squid

[abandoned] πŸ¦‘ Squid is NodeJS CLI tool to scan websites trying to find vulnerabilities.
JavaScript
24
star
7

breads

Breaking Active Directory Security with 🍞
Python
23
star
8

Discor

[abandoned] ⚑ Discor is a Node.js tool created to help people which wants to create Discord bots more fast.
JavaScript
21
star
9

pwnfaces

πŸ˜› Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
Go
19
star
10

extensions-wordlist

πŸ” Improve your files enumeration with specific extensions!
16
star
11

dbf

[abandoned] πŸ”₯ DBF or Don't be Fired is a Visual Studio Code extension which send message boxes to remind you to avoid common mistakes
JavaScript
14
star
12

lovefetch

❀ A CLI System Information Tool
Python
11
star
13

GWI

🌐 GWI is a python tool which uses Whois API to get website public information to help with your recon!
Python
8
star
14

OAO

βš™οΈ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...
Go
7
star
15

ILL

🐧 I Love Linux (ILL) is a C tool developed to fast search for kernel vulnerabilities and suggest to the user
C
6
star
16

Scythe

πŸ’€ Collect JS and CSS files from websites.
JavaScript
6
star
17

magenta

🍊 Python Magento Vulnerability Scanner
Python
5
star
18

Gitter

🐍 Python CLI tool to get public informations from a GitHub account
Python
4
star
19

MSI

πŸ’» CLI which gives informations about your system
Python
4
star
20

zaber

πŸ•΅οΈ Yet another CVE-2019-9670 exploit, but in Golang.
Go
4
star
21

arbimz

πŸ”₯ Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.
Python
4
star
22

xcreen

πŸ“· Screenshot a list of websites quickly
Python
3
star
23

apekar

πŸ‘Ύ Apekar is a Ruby CLI tool to analyze APK files to search for API keys, Secrets, Hosts and detect required permissions by the app.
Ruby
3
star
24

minebot

πŸ€– Charles is a minecraft bot made with mineflayer to execute simple commands
JavaScript
3
star
25

gitter-rust

Learning Rust - Project (1)
Rust
1
star
26

calc-go

πŸ“± Calculate fast with Go
Go
1
star
27

hasher

πŸ”‘ Base85+Sha384 Hasher
Python
1
star
28

zobbix

🐍 Zabbix 4.2 Auth Bypass
Python
1
star
29

oppsec.github.io-backup

A personal website :)
HTML
1
star
30

Hash4Me

πŸ”‘Easily hash your text with MD5, SHA1, SHA256 and SHA512.
PHP
1
star
31

gitter-rb

πŸ’Ž Yes a Gitter copy but it's Ruby now!
Ruby
1
star
32

aglpi

πŸ–₯️ against Gestionnaire Libre de Parc Informatique (GLPI)
Python
1
star