Frameworks Wordpress

Mage Scan

Mage Scan
Written by Mubassir patel

Mage Scan

The idea behind this Mage Scan is to evaluate the quality and security of a Magento site you don’t have access to. The scenario when you’re interviewing a potential developer or vetting a new client and want to have an idea of what you’re getting into.

Mage Scan

Installation

.phar

php magescan.phar scan:all www.example.com

Read This: Tool-x: Install kali Linux Tool in Termux

Source

  • Clone this repository
  • Install with composer
git clone https://github.com/steverobbins/magescan magescan
cd magescan
curl -sS https://getcomposer.org/installer | php
php composer.phar install
bin/magescan scan:all www.example.com

n98-magerun

Clone into your ~/.n98-magerun/modules directory

mkdir -p ~/.n98-magerun/modules
git clone https://github.com/steverobbins/magescan ~/.n98-magerun/modules/magescan
magerun magescan:scan store.example.com

Composer

composer require steverobbins/magescan --dev

Include in your project

Add the following to your composer.json

"require": {
    "steverobbins/magescan": "dev-master"
}

Usage

$ magescan.phar scan:all store.example.com

Commands

scan:all

$ magescan.phar scan:all [--insecure|-k] [--show-modules] <url>

Run all scans on the given <url>.

Options

--format=FORMAT

Specify a different output format. Possible values:

  • default
  • json
--insecure, -k

If set, SSL certificates won’t be validated

--show-modules

Lists all modules searched for, not just those found

scan:catalog

$ magescan.phar scan:catalog [--insecure|-k] <url>

Get catalog information

scan:modules

$ magescan.phar scan:modules [--insecure|-k] [--show-modules] <url>

Get installed modules

scan:patch

$ magescan.phar scan:patch [--insecure|-k] <url>

Get patch information

scan:server

$ magescan.phar scan:server [--insecure|-k] <url>

Check server technology

scan:sitemap

$ magescan.phar scan:sitemap [--insecure|-k] <url>

Check sitemap

scan:unreachable

$ magescan.phar scan:unreachable [--insecure|-k] <url>

Check unreachable paths

scan:version

$ magescan.phar scan:version [--insecure|-k] <url>

Get the version of a Magento installation

Show all modules that we tried to detect, not just those that were found

self-update

$ magescan.phar self-update

Updates the phar file to the latest version.

Read This: Want To Earn $10,000 Gives Away

About the author

Mubassir patel

Mubassir is a founder and developer of this site. He is a computer science engineer. He has a very deep interest in ethical hacking, penetration testing, website development and including all technology topic.

Leave a Comment