CMSeeK

Overview

CMSeeK is a powerful CMS detection and exploitation suite designed for penetration testers and security researchers. It automatically identifies 180+ content management systems (WordPress, Joomla, Drupal, Magento, etc.) and provides vulnerability scanning with automatic exploit suggestions. The tool streamlines reconnaissance and vulnerability assessment during security audits.

Installation

Prerequisites

Python 3.x
Git
pip

Basic Installation

git clone https://github.com/Tuhinshubhra/CMSeeK.git
cd CMSeeK
pip install -r requirements.txt
python3 cmseek.py

On Linux/macOS

chmod +x cmseek.py
python3 cmseek.py -u http://target.com

Docker Installation

docker pull tuhinshubhra/cmseek
docker run -it tuhinshubhra/cmseek python3 cmseek.py -u http://target.com

Basic Usage

Command	Description
`python3 cmseek.py -u <url>`	Detect CMS on target URL
`python3 cmseek.py -u <url> -v`	Verbose output with detailed info
`python3 cmseek.py -u <url> --follow`	Follow redirects
`python3 cmseek.py -u <url> --timeout 20`	Set custom timeout in seconds
`python3 cmseek.py --help`	Display help menu

CMS Detection

Single URL Detection

python3 cmseek.py -u http://example.com

Output includes:

CMS name and version
Detection confidence
Admin panel location
Vulnerable components
Recommended exploits

With Custom User-Agent

python3 cmseek.py -u http://example.com -a "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"

Scan Multiple URLs from File

python3 cmseek.py -l urls.txt

Create urls.txt:

http://target1.com
http://target2.com
http://target3.com

Vulnerability Scanning

Basic Vulnerability Scan

python3 cmseek.py -u http://example.com --cms wordpress

Force CMS Type

python3 cmseek.py -u http://example.com --force-cms joomla

Supported CMS platforms:

WordPress
Joomla
Drupal
Magento
OpenCart
PrestaShop
Concrete5
Ghost
Typo3

Output Results

python3 cmseek.py -u http://example.com -o report.html

Advanced Options

Proxy Configuration

python3 cmseek.py -u http://example.com --proxy http://127.0.0.1:8080

SOCKS5 Proxy

python3 cmseek.py -u http://example.com --socks5 127.0.0.1:1080

SSL/TLS Options

python3 cmseek.py -u https://example.com --no-ssl-verify
python3 cmseek.py -u https://example.com --cert /path/to/cert.pem

Batch Scanning with Options

python3 cmseek.py -l urls.txt --follow --timeout 15 -v

WordPress Detection

WordPress-Specific Scanning

python3 cmseek.py -u http://example.com --cms wordpress

CMSeeK detects:

WordPress version
Active plugins
Active themes
Vulnerable plugins
Admin panel location (usually /wp-admin/)

WordPress Enumeration

python3 cmseek.py -u http://example.com -e wordpress

Joomla Detection

Joomla CMS Detection

python3 cmseek.py -u http://example.com --cms joomla

Identifies:

Joomla version
Installed components
Vulnerable extensions
Administrator panel

Joomla-Specific Vulnerability Check

python3 cmseek.py -u http://example.com --force-cms joomla --vuln

Drupal Detection

Drupal CMS Identification

python3 cmseek.py -u http://example.com --cms drupal

Detects:

Drupal version
Installed modules
Vulnerable modules
Core vulnerabilities

Module Enumeration

python3 cmseek.py -u http://example.com -e drupal-modules

Vulnerability Exploitation

Automatic Exploit Suggestions

python3 cmseek.py -u http://example.com --exploit

CMSeeK provides:

CVE numbers
Vulnerability descriptions
PoC links
Remediation steps

Get Exploits for Detected Vulnerabilities

python3 cmseek.py -u http://example.com -e all

Custom Exploit Database

python3 cmseek.py -u http://example.com --db /custom/exploits/

Output and Reporting

HTML Report Generation

python3 cmseek.py -u http://example.com -o results.html

JSON Output

python3 cmseek.py -u http://example.com -j results.json

CSV Export

python3 cmseek.py -l urls.txt -c results.csv

Verbose Console Output

python3 cmseek.py -u http://example.com -v

Configuration

Config File Location

~/.cmseek/config.conf

Common Settings

[DEFAULT]
timeout = 10
follow_redirects = true
user_agent = custom_ua
proxy = http://127.0.0.1:8080
threads = 5

Custom Configuration File

python3 cmseek.py -u http://example.com --config custom.conf

Performance Tuning

Multi-threading for Batch Operations

python3 cmseek.py -l urls.txt --threads 10

Timeout Configuration

python3 cmseek.py -u http://example.com --timeout 30

Connection Pooling

python3 cmseek.py -l urls.txt --keepalive

Security Headers Detection

Scan Security Headers

python3 cmseek.py -u http://example.com --headers

Checks for:

X-Frame-Options
Content-Security-Policy
X-Content-Type-Options
HSTS

Custom Header Scanning

python3 cmseek.py -u http://example.com --header "Authorization: Bearer token"

Filtering and Targeting

Skip Certain CMS Types

python3 cmseek.py -u http://example.com --skip wordpress,joomla

Target Specific CMS Only

python3 cmseek.py -u http://example.com --only drupal

URL Pattern Filtering

python3 cmseek.py -l urls.txt --filter "*.edu"

Common Workflows

Complete Reconnaissance

python3 cmseek.py -u http://example.com -v -e all -o report.html

Batch Site Auditing

python3 cmseek.py -l sites.txt --threads 5 -o results.html

Vulnerability Assessment

python3 cmseek.py -u http://example.com --cms wordpress --vuln --exploit

CMS Version Detection Only

python3 cmseek.py -u http://example.com --version-only

Troubleshooting

Connection Timeout Issues

python3 cmseek.py -u http://example.com --timeout 60 --follow

SSL Certificate Errors

python3 cmseek.py -u https://example.com --no-ssl-verify

Proxy Authentication

python3 cmseek.py -u http://example.com --proxy http://user:pass@127.0.0.1:8080

Update Exploit Database

python3 cmseek.py --update-db

Detection Signatures

WordPress Detection Methods

# Checks wp-content directory
# Looks for wp-includes files
# Scans readme.html
# Identifies wp-admin panel

Joomla Detection Methods

# Checks media/jui/css
# Scans robots.txt patterns
# Looks for administrator panel
# Detects Joomla version patterns

General Detection

CMSeeK uses:

HTTP header analysis
Source code fingerprinting
Cookie patterns
Directory enumeration
Version detection signatures

Best Practices

Always obtain authorization before scanning production systems
Use appropriate timeouts to avoid overwhelming target servers
Respect rate limits when scanning multiple URLs
Review results carefully - false positives can occur
Keep exploit database updated regularly
Use proxies/VPNs to maintain operational security
Document all findings in reports

Legal Considerations

CMSeeK is designed for authorized security testing only. Ensure you have explicit permission from the system owner before conducting vulnerability assessments. Unauthorized access to computer systems is illegal.

Resources

GitHub: https://github.com/Tuhinshubhra/CMSeeK
Documentation: Check project wiki
Issue Tracker: Report bugs and request features
Community: Engage with security researchers using CMSeeK