Skip to content
Free web-application vulnerability and version scanner
Python PHP
Branch: master
Clone or download
Latest commit 3462377 Aug 17, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Add Patreon user name May 26, 2019
templates handle changed path Jul 15, 2016
testfiles Added encoding detection in case reading a file fails with UnicodeDec… Aug 24, 2018
yamls CVE-2019-15028 Aug 17, 2019
.gitignore add .gitignore for .csv, .swp, .pyc and .log Oct 17, 2012
.travis.yml Fix travis Oct 31, 2018
LICENSE Copyright year bump Jan 1, 2017
README.md
database.py
detect.py Added encoding detection to detect_withoutnewlines with test cases. Oct 1, 2018
file_helpers.py Minor cleaning Apr 27, 2014
issuereport.py Ported to python3 and added test cases. Aug 20, 2018
mailer.py Copyright year bump Dec 31, 2018
pyfiscan.py Copyright year bump Dec 31, 2018
requirements.lst docopt Oct 31, 2018
roadmap.txt Roadmap containing feature requests etc Nov 18, 2016
tests.py Improve UnwantedStrings to work correctly with Vim swap files Aug 17, 2019

README.md

pyfiscan Build status

About

Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers. Example use case is hosting-providers keeping eye on their users installations to keep up with security-updates. Fingerprints are easy to create and modify as user can write those in YAML-syntax. Pyfiscan also contains tool to create email alerts using templates.

Requirements

  • Python 3
  • Python modules PyYAML docopt chardet
  • GNU/Linux web server

Testing is done mainly with GNU/Linux Debian stable. Windows is not currently supported.

Detects following software

  • Abantecart
  • ATutor
  • b2evolution
  • BigTree CMS
  • Bugzilla
  • Centreon
  • Claroline
  • ClipperCMS
  • CMSimple
  • CMSMS
  • Collabtive
  • Concrete5
  • Coppermine
  • Cotonti
  • Croogo
  • CubeCart
  • Dolibarr
  • Dotclear
  • Drupal
  • e107
  • Elefant CMS
  • EspoCRM
  • Etherpad
  • FluxBB
  • Foswiki
  • Gallery
  • Gollum
  • HelpDEZk
  • HumHub
  • ImpressCMS
  • ImpressPages
  • Jamroom
  • Joomla
  • Kanboard
  • KCFinder
  • LiteCart
  • Magnolia
  • Mahara
  • MantisBT
  • MediaWiki
  • Microweber
  • MiniBB
  • MODX Revolution
  • MoinMoin
  • MyBB
  • Nibbleblog
  • Open Source Social Network
  • OpenCart
  • osDate
  • ownCloud
  • Oxwall
  • PBBoard
  • phpBB3
  • PhpGedView
  • phpMyAdmin
  • Piwigo
  • Piwik
  • PmWiki
  • Postfix Admin
  • Redaxo
  • Roundcube
  • SaurusCMS
  • Serendipity
  • Shaarli
  • Shopware
  • SMF
  • Spina CMS
  • SPIP
  • SquirrelMail
  • TestLink
  • TikiWiki
  • Trac
  • Vanilla Forums
  • WikkaWiki
  • WordPress
  • X-Cart
  • Zenphoto
  • Zikula

Detects following end-of-life software:

  • Bugzilla 4.2 is end-of-life since 2015-11-30
  • Drupal 6 is end-of-life since 2016-02-24
  • Gallery 1
  • Joomla 1.5 is end-of-life since 2012-04-30
  • Joomla 1.6 is end-of-life since 2011-08-19. 1.6.x should be upgraded to 1.6.6 before moving to 1.7.x
  • Joomla 1.7 is end-of-life since 2012-02-24
  • Joomla 2.5
  • MediaWiki 1.18
  • MediaWiki 1.19 is end-of-life since 2015-04-25
  • MediaWiki 1.20
  • MediaWiki 1.21 is end-of-life since 2014-06-25
  • MediaWiki 1.22
  • MediaWiki 1.23 is end-of-life since 2017-05-31
  • MediaWiki 1.24
  • MediaWiki 1.25
  • MediaWiki 1.26 is end-of-life since 2016-11-20
  • MediaWiki 1.27 is end-of-life since 2019-06-06
  • MediaWiki 1.28 is end-of-life since 2017-11-01
  • MediaWiki 1.29 is end-of-life since 2018-06
  • MediaWiki 1.30 is end-of-life since 2019-06-06
  • ownCloud 4
  • ownCloud 5
  • ownCloud 6
  • ownCloud 7
  • ownCloud 8.0
  • ownCloud 8.1
  • ownCloud 8.2
  • SaurusCMS

Installation

apt install python3 python3-pip python3-yaml python3-docopt git
git clone https://github.com/fgeek/pyfiscan.git && cd pyfiscan
pip3 install -r requirements.lst

or you can use BlackArch Linux.

Notes

Happy users

  • DevNet Oy
  • Kapsi Internet-käyttäjät ry
  • Shellit.org
  • Loopia.se

Contributors

  • aapa
  • Ari-Martti Hopiavuori
  • Atte H. "guaqua"
  • Janne Cederberg
  • Joonas Kuorilehto
  • Juhamatti Niemelä
  • Linus Fogelholk
  • Olli Pekkola
  • Paul Grant
  • Tuomo Komulainen
You can’t perform that action at this time.