CVE-2018-12809

Published: 20/07/2018 Updated: 17/09/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery (SSRF) vulnerability. Successful exploitation could lead to sensitive information disclosure.

Vulnerable Product

adobe experience manager

Github Repositories

AEM hacker toolset

Tools to identify vulnerable Adobe Experience Manager (AEM) webapps. AEM is an enterprise-grade CMS. I built these tools to automate bughunting and pentesting of AEM webapps. I included checks for previously known vulnerabilities and misconfigurations, as well as for new ones, discovered by me in 2018. All discovered vulnerabilities were responsibly reported.

Adobe Experience Manager Vulnerability Scanner

aemscan: Adobe Experience Manager Vulnerability Scanner
raz0rname/releases/adobe-experience-manager-vulnerability-scanner/

Features: default credentials bruteforce; info leak via default error page; WebDav support check (WebDav OSGI XXE CVE-2015-1833); version detection; useful paths scanner

Installation: $ python setup.py install

Usage: $ aemscan <url>

TODO C

Edited version of aemscan

aemscan: Adobe Experience Manager Vulnerability Scanner
raz0rname/releases/adobe-experience-manager-vulnerability-scanner/

Features: default credentials bruteforce; info leak via default error page; WebDav support check (WebDav OSGI XXE CVE-2015-1833); version detection; useful paths scanner

Installation: $ python setup.py install

Usage: $ aemscan <url>

TODO C