changelog and tool added December 2014 :
+ Add WordPress plugin vulnerabilities from WPScan database.
+ Added fingerprint data from freewvs for migration.
+ Added support for Gollum.
+ SquirrelMail handled.
bug fixes:
– Fix bug in public_html detection.
Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers. Example use case is hosting-providers keeping eye on their users installations to keep up with security-updates. Fingerprints are easy to create and modify as user can write those in YAML-syntax. Pyfiscan also contains tool to create email alerts using templates.
Requirements :
– Python 2.7
– Python modules PyYAML docopt
– GNU/Linux web server
– Testing is done mainly with GNU/Linux Debian stable. Windows is not currently supported.
Detects following software :
– Bugzilla
– CMSMS
– Claroline
– Collabtive
– Concrete5
– Coppermine
– Cotonti
– Dolibarr
– Dotclear
– Drupal 6/7
– EspoCRM
– Foswiki
– Gallery
– Gollum
– HelpDEZk
– ImpressCMS
– ImpressPages
– Jamroom
– Joomla 1.5: 1.5 is end-of-life since 2012-04-30
– Joomla 1.6: 1.6 is end-of-life since 2011-08-19. 1.6.x should be upgraded to 1.6.6 before moving to 1.7.x
– Joomla 1.7: 1.7 is end-of-life since 2012-02-24
– Joomla 2.5
– Joomla 3
– MODX Revolution
– Magnolia
– Mahara
– MantisBT
– MediaWiki
– Microweber
– MoinMoin
– MyBB
– Nibbleblog
– PBBoard
– Piwigo
– PmWiki
– Roundcube
– SMF 1 and 2
– SPIP
– Serendipity
– SquirrelMail
– TestLink
– TikiWiki
– TinyTinyRSS
– Trac
– WikkaWiki
– WordPress
– Zenphoto
– Zikula
– Zimbra
– e107
– osDate
– ownCloud 5 and 6
– phpBB3
– phpMyAdmin
Downlaod and Installation :
git clone https://github.com/fgeek/pyfiscan.git && cd pyfiscan pip install -r requirements.lst
Source : pyfiscan