OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them .
Why OWASP VBScan ?
If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.
- Project Leader : Mohammad Reza Espargham
- Github : https://github.com/rezasp/vbscan/
- SourceForge : https://sourceforge.net/projects/vbscan/
- OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project
usage :
./vbscan.pl <target>
./vbscan.pl http://target.com/vbulletin
OWASP VBScan 0.1.7 introduction (Youtube)
What’s New in Version 0.1.7 [Dennis Ritchie]
OWASP VBScan 0.1.7 [Larry Wall]
- Updated exploit database
- Compatible With Windows [Linux,OSX,Windows]
- Added Full Path Disclosure (FPD) module
- Added firewall detect/bypass module
- Optimized version checker module engine [#12 issue]
- Upgrade config finder module
- Random user agent module set as default setting
- Added HTML Report