secureCodeBox · Reet00 · Jul 18, 2025 · Jul 15, 2025
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -419,7 +419,6 @@ jobs:
       matrix:
         unit:
           - amass
-          - cmseek
           - ffuf
           - git-repo-scanner
           - gitleaks

diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
@@ -323,7 +323,6 @@ jobs:
       matrix:
         parser:
           - amass
-          - cmseek
           - ffuf
           - git-repo-scanner
           - gitleaks
@@ -409,7 +408,6 @@ jobs:
       matrix:
         scanner:
           - amass
-          - cmseek
           - ffuf
           - kube-hunter
           - ncrack

diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
@@ -28,7 +28,6 @@ jobs:
       matrix:
         scanner:
           - amass
-          - cmseek
           - ffuf
           - gitleaks
           - kube-hunter

diff --git a/documentation/docs/getting-started/upgrading.md b/documentation/docs/getting-started/upgrading.md
@@ -17,6 +17,7 @@ sidebar_position: 3
 * `typo3scan` was removed as the scanner itself [isn't maintaned anymore](https://github.com/whoot/Typo3Scan?tab=readme-ov-file#unsupported). Most security aspects of typo3 are now hard to verify from the outside as it requires authentication (which is really good). Some typo3 security aspects (e.g. a incomplete installation) can be verified by [nuclei](https://www.securecodebox.io/docs/scanners/nuclei).
 * `kubeaudit` was removed as the scanner itself [isn't maintaned anymore](https://github.com/Shopify/kubeaudit?tab=readme-ov-file#-deprecation-notice-). As a replacement you can use the `trivy` with it's `k8s` scanning mode, see [trivy ScanType k8s example](https://www.securecodebox.io/docs/scanners/trivy#k8s).
 * `doggo` was removed. Doggo was added primarily as an experimentation to be used to deduplicate duplicate scan target from cascading rules based on DNS entries. That approach hasn't worked out unfortunately. The doggo integration has been non-functional for a while (see: https://github.com/secureCodeBox/secureCodeBox/issues/2853). As an alternative, nuclei already includes some DNS record based checks, if checks for specific records are required custom nuclei rules could be used to fulfil those requirements.
+* `cmseek` was removed. cmseek has seen little updates in the last years. Our secureCodeBox integration with cmseek was always pretty basic, only supporting joomla (a specfifc CMS) results, which hasn't been a big focus for us. As a replacement we recommend using nuclei which has joomla rules which will likely receive more updates in the future.
 *  `zap-baseline-scan` and `zap-advanced` in favor of the `zap-automation-framework`. The `zap-automation-framework` ScanTpye includes all functionalities of the removed ScanTypes and can be customized easily. The default ScanType for the AutoDiscovery has been changed to the `zap-automation-framework` as well. For migrating to the `zap-automation-framework` please refer to [migration to zap-automation framework](/docs/scanners/zap-automation-framework#migration-to-zap-automation-framework) guide.
 
 ➡️  [Reference: #2670](https://github.com/secureCodeBox/secureCodeBox/issues/2670)

diff --git a/documentation/src/integrations.js b/documentation/src/integrations.js
@@ -83,14 +83,6 @@ export const Scanners = [
     path: "docs/scanners/amass",
     imageUrl: "img/integrationIcons/Amass.svg",
   },
-  {
-    title: "CMSeeK",
-    type: "CMS",
-    usecase:
-      "Automation of the process of detecting the Joomla CMS and its core vulnerabilities",
-    path: "docs/scanners/cmseek",
-    imageUrl: "img/integrationIcons/Default.svg",
-  },
   {
     title: "ffuf",
     type: "Webserver",
@@ -203,7 +195,6 @@ export const Scanners = [
     path: "docs/scanners/wpscan",
     imageUrl: "img/integrationIcons/WPScan.svg",
   },
-
   {
     title: "ZAP Automation Framework",
     type: "WebApplication",

diff --git a/operator/internal/telemetry/telemetry.go b/operator/internal/telemetry/telemetry.go
@@ -25,7 +25,7 @@ var telemetryInterval = 24 * time.Hour
 // Unofficial Scan Types should be reported as "other" to avoid leakage of confidential data via the scan-types name
 var officialScanTypes map[string]bool = map[string]bool{
 	"amass":                    true,
-	"cmseek":                   true,
+	"cmseek":                   true, // deprecated. we'll keep it in this list to still recieve telemetry data from older versions
 	"doggo":                    true, // deprecated. we'll keep it in this list to still recieve telemetry data from older versions
 	"ffuf":                     true,
 	"git-repo-scanner":         true,

diff --git a/scanners/cmseek/.gitignore b/scanners/cmseek/.gitignore
diff --git a/scanners/cmseek/.helm-docs.gotmpl b/scanners/cmseek/.helm-docs.gotmpl
diff --git a/scanners/cmseek/.helmignore b/scanners/cmseek/.helmignore
diff --git a/scanners/cmseek/Chart.yaml b/scanners/cmseek/Chart.yaml
diff --git a/scanners/cmseek/README.md b/scanners/cmseek/README.md
diff --git a/scanners/cmseek/Taskfile.yaml b/scanners/cmseek/Taskfile.yaml
diff --git a/scanners/cmseek/cascading-rules/scan-joomla.yaml b/scanners/cmseek/cascading-rules/scan-joomla.yaml
diff --git a/scanners/cmseek/docs/.gitkeep b/scanners/cmseek/docs/.gitkeep
-Original file line number
+Diff line change
@@ Expand Up / @@ -419,7 +419,6 @@ jobs: @@
           matrix:
             unit:
               - amass
-              - cmseek
               - ffuf
               - git-repo-scanner
               - gitleaks
@@ Expand Down @@