Test Joomla Security with this easy to use Joomla security scan service. Discover vulnerabilities, web server details and configuration errors.
Joomla is one of the most popular open source content management systems and is a common target for attackers due its popularity and the wide variety of extensions that are available. These Joomla security scans will test your site for security issues, configuration errors and poor reputation links so you can get to work mitigating the vulnerabilities.
Perform a Free Joomla Security Scan with a low impact test.
Check any Joomla based site and get a high level overview of the sites security posture. Once you see how easy it is grab a membership and test Joomla with the dedicated JoomlaVS tool, Nikto, OpenVAS and more.
- Attempt to detect version of Joomla
- Find Joomla Components and Modules in HTTP Response
- Identify Template in use
- List client side JS in page
- Test for directory indexing enabled on key locations
- Threat Intel & Blacklisting Checks
Membership is required for advanced Joomla Enumeration & Vulnerability Scanners
Membership Benefits
Access advanced network mapping and regular scan schedules.
Detect
Detect version, interesting URLS and extensions with JoomlaVS JoomlaVS
Identify
Identify the attack surface through extension and theme enumeration.
Access Granted
To 27 Vulnerability Scanners & IP Tools.
Test
Test Joomla with OpenVAS and Nikto Scanners.
About Joomla Security Testing
Joomla Security Testing is an essential part of managing any Joomla based site. Joomla is a popular open source content management system, making it a popular target for attackers. Any sufficiently popular software is probed and attacked by both automated scripts (bots) and more targeted attackers.
Our range of online web security testing for Joomla and other web platforms has you covered for a variety of use cases.
The freely available tools perform analysis from a simple page grab. Through the examination of the HTML source code, javascript, and a few other open publicly accessible pages it is possible to gain immediate insights into the state of security on the target site. This is without sending any aggressive security scanning, using only passive analysis methods.
Our second form of scanning involves using active security testing tools (OpenVAS, Nikto, JoomlaVS are examples) that send hundreds of requests against the target site to find security issues (vulnerabilities) that are not immediately apparent from passive analysis.
Comprehensive Security Testing
- Get informed with detailed technical reporting
- Assess the Security Posture of Any Web Site
- Test underlying server and network accesses
- Attack Surface Analysis with Bulk Testing
- Intelligence for Red Teams, Blue Teams and Web Site Ops
- Full Access to 28 Vulnerability Scanners & Tools
Comparing the Options
Members get access to the full suite of security tools. It's a go bag for on demand security testing.
Free Joomla Security Check
- Joomla Version Check
- Threat Intelligence (Blacklist) Checks
- Directory Indexing on common locations
- Sites Externally linked from main page (threat intel check of host)
- List Components and Modules detected through passive HTML analysis
- Javascript linked (including host blacklist check)
- Server, Hosting and Geo-location Information
Additional Benefits (with Membership)
- Use JoomlaVS for active security testing
- Use OpenVAS to test Joomla & Web Server vulnerabilities.
- Use Nikto to test website scripts and web framework
- Passively survey sites in bulk for web technologies and other details
- Monitor server for port and vulnerability changes (scheduled Nmap & OpenVAS)
- With Membership you have full access to all security testing tools including port scanner, web server testing and system vulnerability scanner.
About the JoomlaVS Project
JoomlaVS is an open source project developed in ruby. One of the things we love about open source security solutions is that you can not only run the tool and get results; but also dig into the code and understand what is being tested and why it is being tested. By understanding the issues, you are better equipped to secure your systems and web properties.
To run the tool locally for yourself grab the latest version from github.
In the past we also hosted the OWASP Joomla Vulnerability Scanner which was developed back in 2009 and was last updated in 2012. Since 2012 there have been no new releases. This means the database is quite out of date and the tool will not detect newer vulnerabilities.
For more information visit the sourceforge page or the OWASP project page.
Vulnerability Scans and Network Intelligence
Use CasesFingerprint Web App Technologies in Bulk
Whatweb/Wappalyzer28 vulnerability scanners and network tools
Membership