banner
andrewji8

Being towards death

Heed not to the tree-rustling and leaf-lashing rain, Why not stroll along, whistle and sing under its rein. Lighter and better suited than horses are straw sandals and a bamboo staff, Who's afraid? A palm-leaf plaited cape provides enough to misty weather in life sustain. A thorny spring breeze sobers up the spirit, I feel a slight chill, The setting sun over the mountain offers greetings still. Looking back over the bleak passage survived, The return in time Shall not be affected by windswept rain or shine.
telegram
twitter
github
HomeArchives

Sn1per - Automated Pentest Recon Scanner

#渗透132
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Sn1per is an automated scanning tool used during penetration testing to enumerate and scan for vulnerabilities. It has various features such as collecting reconnaissance information, launching Google hacker queries, scanning open ports, brute-forcing subdomains, checking for subdomain hijacking, running NMap and Metasploit scans, testing web applications for common vulnerabilities, testing anonymous FTP and LDAP access, enumerating SSL/TLS passwords and SNMP community strings, listing SMB users and shares, exploiting vulnerable servers, testing open X11 servers, and more. It can be installed on Kali Linux or Docker. It offers different modes such as stealth, discovery, port, fullportonly, web, webporthttp, webporthttps, nobrute, airstrike, nuke, and lootsniper. It also provides reporting capabilities and allows for updating and upgrading its components. The tool can be downloaded from the GitHub repository.

image
Sn1per is an automated scanning tool that can be used for enumeration and vulnerability scanning during penetration testing.

Features:

  • Automatically collects basic reconnaissance (such as whois, ping, DNS, etc.)
  • Automatically launches Google hacking queries against the target domain
  • Automatically enumerates open ports through NMap port scanning
  • Automatically brute forces subdomains, collects DNS information, and checks for zone transfers
  • Automatically checks for subdomain hijacking
  • Automatically runs target NMap scripts against open ports
  • Automatically runs target Metasploit scanning and exploitation modules
  • Automatically scans all web applications for common vulnerabilities
  • Automatically brute forces all open services
  • Automatically tests for anonymous FTP access
  • Automatically runs WPScan, Arachni, and Nikto to gather information on all web services
  • Automatically enumerates NFS shares
  • Automatically tests for anonymous LDAP access
  • Automatically enumerates SSL/TLS ciphers, protocols, and vulnerabilities
  • Automatically enumerates SNMP community strings, services, and users
  • Automatically lists SMB users and shares, checks for NULL sessions, and exploits MS08-067
  • Automatically exploits vulnerable JBoss, Java RMI, and Tomcat servers
  • Automatically tests for open X11 servers
  • Added auto-pwn for Metasploitable, ShellShock, MS08-067, and default Tomcat Creds
  • Performs advanced enumeration of multiple hosts and subnets
  • Integrates with Metasploit Pro, MSFConsole, and Zenmap for reporting
  • Automatically captures screenshots of all websites
  • Creates a single workspace to store all scan outputs

Kali Linux installation: Run ./install.sh
Docker installation: Docker installation: https://github.com/menzow/sn1per-docker

Docker Build:

https://hub.docker.com/r/menzo/sn1per-docker/builds/bqez3h7hwfun4odgd2axvn4/

Example usage:
sniper
sniper stealth
sniper discover
sniper port
sniper fullportonly
sniper web
sniper webporthttp
sniper webporthttps
sniper nobrute
sniper <targets.txt> airstrike
sniper <targets.txt> nuke
sniper loot
sniper update

Modes:

Report: Outputs all results to a loot directory for future reference. To enable reporting, append "report" to any sniper mode or command.

STEALTH: Quickly enumerates a single target using mostly non-intrusive scans to avoid WAF/IPS blocking.

Discover: Resolves all hosts on a subnet/CIDR (e.g., 192.168.0.0/16) and launches a sniper scan against each host. Useful for internal network scanning.

PORT: Scans for vulnerabilities on a specific port. Reporting functionality is currently not available in this mode.

FULLPORTONLY: Performs a detailed full port scan and saves the results to XML.

WEB: Adds fully automated web application scanning to the results (limited to ports 80/tcp and 443/tcp). Useful for web applications but may significantly increase scanning time.

WEBPORTHTTP: Launches a full HTTP web application scan against a specific host and port.

WEBPORTHTTPS: Launches a full HTTPS web application scan against a specific host and port.

NOBRUTE: Launches a full scan against the target host/domain without using brute-forcing services.

AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of a file containing all hosts, the IP(s) to scan, and run ./sn1per /full/path/to/targets.txt airstrike to start the scan.

NUKE: Launches a full audit against multiple hosts specified in a text file. Usage example: ./sniper /pentest/loot/targets.txt nuke.

LOOT: Automatically organizes and displays the loot folder in a browser, and opens Metasploit Pro and Zenmap GUI along with all port scan results. To run, type "sniper loot".

UPDATE: Checks for updates and upgrades all components used by sniper.

Download link: https://github.com/1N3/Sn1per

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.