A commandline tool to perform an security scan against a AEM Dispatcher.
This tool tries to unify all known security relevant AEM Dispatcher URLs from the internet.
If you know some more URLs, please open a GitHub issue to report them.
Build Docker image
$ make build-docker-image
Run Docker container from built image to print help
$ make run-docker-image
Usage: cli.py [OPTIONS]
AEM Dispatcher Security Scan
Options:
--url TEXT URL of website e.g. https://www.example.com [required]
--page-path TEXT Page path of website. e.g. /content/geometrixx/en (Default: /)
--timeout INTEGER Timeout for HTTP requests in seconds. (Default: 10)
--file PATH Text file with test paths. (Default: aem-sec-paths.txt)
--help Show this message and exit.
Run Docker container from built image with custom arguments
$ docker compose \
--file docker-compose.yml \
run \
--rm \
aem-dispatcher-security-scan \
--url=https://www.example.com \
--page-path=/content/geometrixx/en
Build and launch the DevContainer in VSCode.
- docs.adobe.com
- 0ang3el/aem-hacker
- emadshanab/Adobe-Experience-Manager
- danielmiessler/seclists
- aem-design/ansible-role-aem-security-test
- cognifide/securecq
- perficientdigital.com
- infosecinstitute.com
MIT