Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked Sn1per v8.4 by @xer0dayz


itsMe

Recommended Posts

This is the hidden content, please

Introduction

Sn1per is an automated scanner that you can use during a penetration testing to perform vulnerability scanning. There are two Sn1per versions available:

    Community Edition, and
    Professional Edition.

Sn1per: Automated Pentest Recon Scanner

Sn1per Community edition is an automated pentest recon scanner that can be used during pentest to enumerate and scan for vulnerabilities. But there is also Sn1per Professional, a Xero Security’s premium reporting addon, available for :

    Professional Penetration Testers
    Bug Bounty Researchers
    Corporate Security teams

Features (Community) – Sn1per automatically:

    collects basic recon (ie. whois, ping, DNS, etc.)
    launches Google hacking queries against a target domain
    enumerates open ports via NMap port scanning
    brute forces sub-domains, gathers DNS info and checks for zone transfers
    checks for sub-domain hijacking
    runs targeted NMap scripts against open ports
    runs targeted Metasploit scan and exploit modules
    scans all web applications for common vulnerabilities
    brute forces ALL open services
    tests for anonymous FTP access
    runs WPScan, Arachni and Nikto for all web services
    enumerates NFS shares
    tests for anonymous LDAP access
    enumerate SSL/TLS ciphers, protocols and vulnerabilities

    enumerates SNMP community strings, services and users
    lists SMB users and shares, check for NULL sessions and exploit MS08-067
    exploits vulnerable JBoss, Java RMI and Tomcat servers
    tests for open X11 servers
    auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
    performs high level enumeration of multiple hosts and subnets
    integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
    gathers screenshots of all web sites
    creates individual workspaces to store all scan output

This is the hidden content, please

CHANGELOG:

    v8.4 – Added project “Sc0pe” active/passive vulnerability scanner
    v8.4 – Added 68 new active sc0pe templates
    v8.4 – Added 14 new passive sc0pe templates
    v8.4 – Added OWASP ZAP API integration
    v8.4 – Added 8 new Sn1per configuration templates (see /usr/share/sniper/conf/)
    v8.4 – Added Gau (https://github.com/lc/gau)
    v8.4 – Added rapiddns subdomain retrieval
    v8.4 – Updated web content wordlists
    v8.4 – Improved efficiency of ‘web’ and ‘recon’ mode scans
    v8.4 – Disabled legacy Metasploit web exploits (check Sn1per conf to re-enable)
    v8.4 – Fixed issue with dirsearch asterisk being used incorrectly
    v8.4 – Fixed issue with airstrike mode not updated Sn1per Professional v8.0 host list
    v8.4 – Fixed issue with webtech re.error: invalid group reference 1 at position 130

This is the hidden content, please

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.