Enumerating Joomla sites

Use JoomScan to analyze a Joomla site.

- [Instructor] Let's take a look at a Joomla website…and see how we can enumerate its configuration.…We'll use the enterprise website…on port 8080 for this, and we'll use JoomScan.…JoomScan doesn't find a firewall,…and this identifies this as a Joomla 3.7.5 site.…

It confirms that the Joomla Core isn't vulnerable,…and that there are no sensitive files that are readable.…JoomScan confirms the robots.txt file exists…and proceeds to identify the various webpages…in the Joomla site.…It finds two administration pages, one at administrator,…and the other at Joomla administrator.…JoomScan is an effective tool…for enumerating Joomla website.…

Resume Transcript Auto-Scroll

Author

Malcolm Shore

Skill Level Advanced

1h 39m

Duration

11,122

Views

Show More Show Less

Related Courses

Introduction
- Enumeration is the key to pen testing success
  59s
- What you should know
  1m 1s
- Disclaimer
  1m 15s
1. Identifying Services
- Introduction to enumeration
  6m 22s
- A refresher on Nmap
  6m 24s
- All-port scanning with Masscan
  2m 57s
- Digging for gold
  3m 53s
- Angry scanning
  4m 21s
- Passive scanning with Shodan
  3m 13s
2. Enumerating Services
- Using Nmap scripts
  5m 31s
- Scanning with Reconnoitre
  5m 16s
- Scanning with Vanquish
  7m 43s
- Enumerating with Sn1per
  6m 2s
- Enumerating with SPARTA
  4m 22s
- Diagnosing uncommon ports
  4m 46s
3. Enumerating Web Servers
- What's that web server?
  4m 38s
- Refresher on enumerating web pages
  6m 2s
- Fuzzing the website
  2m 39s
- Enumerating Drupal sites
  2m 30s
- Enumerating WordPress sites
  1m 26s
- Enumerating Joomla sites
  1m 5s
4. Further Enumeration
- Database enumeration with sqlmap
  5m 13s
- Enumerating in the Linux shell
  5m 21s
- Enumerating inside Windows
  4m 41s
Conclusion
- What's next
  1m 39s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Enumerating Joomla sites

Author

Skill Level Advanced

Duration

Views

Related Courses

Learning Kali Linux (2016)

Ethical Hacking: Penetration Testing

Penetration Testing Essential Training

Penetration Testing: Advanced Kali Linux

Penetration Testing: Advanced Web Testing

Introduction

1. Identifying Services

2. Enumerating Services

3. Enumerating Web Servers

4. Further Enumeration

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month