Skip to content
/ juumla Public

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files

License

Notifications You must be signed in to change notification settings

oppsec/juumla

Repository files navigation

🦁 Juumla




🦁 Juumla Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files.


⚡ Installing / Getting started

A quick guide on how to install and use Juumla.

1. Clone the repository - git clone https://github.com/oppsec/juumla.git
2. Install the libraries - pip3 install -r requirements.txt
3. Run Juumla - python3 main.py -u https://example.com

🐳 Docker

If you want to run Juumla in a Docker container, follow these commands:

1. Clone the repository - git clone https://github.com/oppsec/juumla.git
2. Build the image - sudo docker build -t juumla:latest .
3. Run container - sudo docker run juumla:latest

If you want to create an Joomla environment in a Docker container, follow these commands:

1. Clone the repository - git clone https://github.com/oppsec/juumla.git (or download the docker-compose.yml file)
2. Install docker-compose (e.g: sudo apt install docker-compose)
3. sudo docker-compose up
4. Access http://localhost:8080/

The default root password is: example
The default database name is: joomladb
The default DBMS is: MySQL 5.6



⚙️ Pre-requisites

  • Python 3 installed on your machine.
  • Install the libraries with pip3 install -r requirements.txt



✨ Features

  • Fast scan
  • Low RAM and CPU usage
  • Detect Joomla version
  • Find config and backup files
  • Scan for vulnerabilities based on the Joomla version
  • Open-Source



📚 To-Do

  • Update vulnerabilities database
  • Improve Joomla detection methods
  • Improve code optimization



🔨 Contributing

A quick guide on how to contribute to the project.

1. Create a fork from Juumla repository
2. Download the project with git clone https://github.com/your/juumla.git
3. Make your changes
4. Commit and makes a git push
5. Open a pull request



⚠️ Warning

  • The developer is not responsible for any malicious use of this tool.