CMS is Content Management System which is used to develop websites/blogs. Some of the most popular CMSs are WordPress, Joomla and Drupal. Multiple themes and plugins are used in CMS to develop a website and many a times these themes and plugins are vulnerable. If you’re using the vulnerable plugins and themes then your website is vulnerable and attackers can easily target your website.
MTvScan Detection Techniques
First we detect which CMS is used to build the website and then scan it accordingly. For example, if the target website is built with a WordPress, MTvScan will run all scans for WordPress. Right now MTvScan supports CMSs like WordPress, Joomla, Drupal & vBulletin.
- Scans themes, plugins and unprotected admin area.
- User enumeration.
- Brute forcing for simple password detection.
- FPD – File Path Disclosure scanning.
- Detect CMS in all directories.