Greetings brothers of Illegalcrew, I was reviewing some messages from some users asking me to create a POST on "Vulnerability Analysis in CMS JOOMLA", good let's start. Joomlavs is a Ruby application that can help automate the assessment of vulnerabilities. You can look for vulnerabilities in the components, modules and templates, as well as the vulnerabilities that exist within Joomla itself. Download the repository: Code: git clone https://github.com/rastating/joomlavs.git We installed Bundler. Code: sudo gem install bundler && bundle install We installed some units, including Nokogiri Code: sudo apt-get install build-essential patch sudo apt-get install ruby-dev zlib1g-dev liblzma-dev libcurl4-openssl-dev We will audit the server in a "Standard" way Code: root@kali:~/joomlavs# ./joomlavs.rb --scan-all --url http://www.paginaweb.com/ They find the vulnerable modules, they go to Exploit DB and in the end a good Pentest. It's 03:04 in the morning and I'm not going to test exploit by exploit xD! available databases : ADMISSION cacti claro_unsa claroline DB_CERCAP information_schema mysql ocsweb six SICONIN test unsa_AA0001 In my opinion this tool is very useful. Greetings.