# Magento has 2 mains branches, Magento 1 and Magento 2
# On Magento 2, you can add /magento_version
targetsite.com/magento_version
# On magento 1, you have another login interface at /dowloader# Versions can be displayed in the footer
https://www.example.com/downloader/
https://www.example.com/magento/downloader/
# You can find the version by comparing hash file signatures # between several versions and the running one.# That's what magescan does.
https://github.com/steverobbins/magento-version-identification-php
Magescan
# Online scanner# Usefull and complete, but online
https://magescan.com/
# Magescan is a complete scanner for Magento applications.# The idea behind this is to evaluate the quality and security of # a Magento site you don't have access to.
https://github.com/steverobbins/magescan
# Scan techniques : # - all : full scan# - catalog : get catalog information# - modules : get installed modules (plugins)# - patch : get patch informations# - server : get server technology# - sitemap : get sitemap# - unreachable : check unreachable paths# - version : get magento version
magescan.phar scan:<technique> store.example.com
# If set, SSL certificates won't be validated
magescan.phar scan:<technique> store.example.com --insecure
magescan.phar scan:<technique> store.example.com -k
# Lists all modules searched for, not just those found
magescan.phar scan:<technique> store.example.com --show-modules