Test Joomla Security with this easy to use Joomla security scan service. Discover vulnerabilities, web server details and configuration errors.

Joomla is one of the most popular open source content management systems and is a common target for attackers due its popularity and the wide variety of extensions that are available. These Joomla security scans will test your site for security issues, configuration errors and poor reputation links so you can get to work mitigating the vulnerabilities.

Joomla Analysis and Security Scan

Perform a Free Joomla Security Scan with a low impact test.

Check any Joomla based site and get a high level overview of the sites security posture. Once you see how easy it is grab a membership and test Joomla with the dedicated JoomlaVS tool, Nikto, OpenVAS and more.

Items checked in the FREE scan
  • Attempt to detect version of Joomla
  • Find Joomla Components and Modules in HTTP Response
  • Identify Template in use
  • List client side JS in page
  • Test for directory indexing enabled on key locations
  • Threat Intel & Blacklisting Checks

Membership is required for advanced Joomla Enumeration & Vulnerability Scanners

  • Detect version, interesting URLS and extensions with JoomlaVS
  • Identify the attack surface through extension and theme enumeration
  • Test Joomla with OpenVAS and Nikto Scanners
  • Access to 28 Vulnerability Scanners and OSINT Tools
  • Trusted Open Source Tools

About Joomla Security Testing

Joomla Security Testing is an essential part of managing any Joomla based site. Joomla is a popular open source content management system, making it a popular target for attackers. Any sufficiently popular software is probed and attacked by both automated scripts (bots) and more targeted attackers.

Our range of online web security testing for Joomla and other web platforms has you covered for a variety of use cases.

The freely available tools perform analysis from a simple page grab. Through the examination of the HTML source code, javascript, and a few other open publicly accessible pages it is possible to gain immediate insights into the state of security on the target site. This is without sending any aggressive security scanning, using only passive analysis methods.

Our second form of scanning involves using active security testing tools (OpenVAS, Nikto, JoomlaVS are examples) that send hundreds of requests against the target site to find security issues (vulnerabilities) that are not immediately apparent from passive analysis.


published CVE's (vulnerabilities)
for Joomla and its components

Comprehensive Security Testing

  • Get informed with detailed technical reporting
  • Assess the Security Posture of Any Web Site
  • Test underlying server and network accesses
  • Attack Surface Analysis with Bulk Testing
  • Intelligence for Red Teams, Blue Teams and Web Site Ops
  • Full Access to 28 Vulnerability Scanners & Tools

Comparing the Options

Members get access to the full suite of security tools. It's a go bag for on demand security testing.

Free Joomla Security Check
  • Joomla Version Check
  • Threat Intelligence (Blacklist) Checks
  • Directory Indexing on common locations
  • Sites Externally linked from main page (threat intel check of host)
  • List Components and Modules detected through passive HTML analysis
  • Javascript linked (including host blacklist check)
  • Server, Hosting and Geo-location Information
Additional Benefits (with Membership)
  • Use JoomlaVS for active security testing
  • Use OpenVAS to test Joomla & Web Server vulnerabilities.
  • Use Nikto to test website scripts and web framework
  • Passively survey sites in bulk for web technologies and other details
  • Monitor server for port and vulnerability changes (scheduled Nmap & OpenVAS)
  • With Membership you have full access to all security testing tools including port scanner, web server testing and system vulnerability scanner.
Become a Member Now
7 day money back guarantee

About the JoomlaVS Project

JoomlaVS is an open source project developed in ruby. One of the things we love about open source security solutions is that you can not only run the tool and get results; but also dig into the code and understand what is being tested and why it is being tested. By understanding the issues, you are better equipped to secure your systems and web properties.

To run the tool locally for yourself grab the latest version from github.

In the past we also hosted the OWASP Joomla Vulnerability Scanner which was developed back in 2009 and was last updated in 2012. Since 2012 there have been no new releases. This means the database is quite out of date and the tool will not detect newer vulnerabilities.

For more information visit the sourceforge page or the OWASP project page.

Automated Security Vulnerability Scans.

Discover. Investigate. Learn.

Use Cases

Website Recon?

Fingerprint Web App
Technologies in Bulk

Whatweb / Wappalyzer

Remove limits with a full membership

More info available