Joomla Security Scan

Joomla Security Help

Joomla is one of the most popular open source content management systems and is often a target for attackers due its popularity and the wide variety of extensions that are available. This Joomla security scan will test your site for security issues, malware infections and poor reputation links so you can get to work mitigating the vulnerabilities before you get hacked.

There are two options with this Joomla Security Test; option 1 is a passive analysis and the second option is a more in depth security analysis. Active scanning requires a HackerTarget.com membership.

Enter the URL to test including the full path, such as:

http://www.myexampledomain.com/joomlapath/

Test Joomla Security with this immediate Joomla security scan service. Discover vulnerabilities, web server details and configuration errors.

To use the Active scan mode you must have permission to scan the web site. The joomscan will send over 600 requests to your web server and can set off alarms.

Enter the target Joomla URI and email address; you will receive your scan results delivered within 10mins.

Start Joomla Security Scan by completing the form

Enter details to begin a scan of your target web site URI.
Members can perform an active scan to detect plugins and security vulnerabilities.










captcha








About the Joomla Security Scan


Just released
A Quality Guide

This scan will check a Joomla installation for a number of common security issues as well as perform web reputation analysis of sites that are being linked and sites that are hosted on the same IP address.

Option 1: A passive scan, in that all the information gathered is from performing regular web requests against the specified site.

Option 2: The second option is a more aggressive active scan, this option uses the excellent OWASP Joomla! Security Scanner open source security testing tool.

Passive Checks include:

  • Determine if Joomla installation is present
  • Perform web reputation lookups for site (Google Safebrowsing, Norton Safeweb and MyWot services).
  • Test for an “admin” user account
  • Test for “directory indexing enabled on themes / modules”
  • Test for robots.txt
  • Test for readable .htacess
  • List external sites linked from main page and web reputation of each
  • List linked Javascript
  • List any external iframes
  • List Internal Site Links
  • Perform Geolocation and Web Hosting information lookups
  • Find web sites sharing the IP address and performs web reputation lookups.

Additional checks in the Active Scanner include:

  • Exact version Probing
  • Joomla plugin based firewall detection
  • Detect known vulnerabilities

About the OWASP Joomla Project

The OWASP Joomla Vulnerability Scanner project is sponsored by YGN Ethical Hacker Group, Myanmar. It has been developed to identify vulnerabilities in the enormously popular content management system Joomla.

For more information visit the sourceforge page or the OWASP project page.