Employs templates for common AEM vulnerabilities, such as SQL injection or cross-site scripting.
Automatically sends crafted probes to test for vulnerabilities based on these templates.
Flags potential 0days for further investigation and prioritization.
Together, these components provide a comprehensive understanding of your AEM attack surface, enabling proactive vulnerability management and risk mitigation.
The scan mode may contain one or more of the following inputs:URL:The target URL to scan (e.g. https://example.com)Domain:The root domain to scan (e.g. test.com)Wordlist:The custom wordlist to be used during directory bruteforcing, if you need a few to get start with, try the following: