HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Sn1per v8.5 - Automated Pentest Recon Scanner

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,612
Solutions
2
Reputation
32
Reaction score
100,454
Points
2,313
Credits
32,640
‎6 Years of Service‎
 
76%
snipper.png


Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting add-on for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes.

FEATURES:

    Automatically collects basic recon (ie. whois, ping, DNS, etc.)
    Automatically launches Google hacking queries against a target domain
    Automatically enumerates open ports via Nmap port scanning
    Automatically brute forces sub-domains gathers DNS info and checks for zone transfers
    Automatically checks for sub-domain hijacking
    Automatically runs targeted Nmap scripts against open ports
    Automatically runs targeted Metasploit scan and exploit modules
    Automatically scans all web applications for common vulnerabilities
    Automatically brute forces ALL open services
    Automatically test for anonymous FTP access
    Automatically runs WPScan, Arachni and Nikto for all web services
    Automatically enumerates NFS shares
    Automatically test for anonymous LDAP access
    Automatically enumerate SSL/TLS cyphers, protocols and vulnerabilities
    Automatically enumerate SNMP community strings, services and users
    Automatically list SMB users and shares, check for NULL sessions and exploit MS08-067
    Automatically exploit vulnerable JBoss, Java RMI and Tomcat servers
    Automatically tests for open X11 servers
    Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
    Performs high-level enumeration of multiple hosts and subnets
    Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
    Automatically gathers screenshots of all websites
    Create individual workspaces to store all scan output

Changelog

    v8.5 – Added manual installer for Metasploit
    v8.5 – Added Phantomjs manual installer
    v8.5 – Added sc0pe template to check for default credentials via BruteX
    v8.5 – Added fullportscans to all ‘web’ mode scans to ensure full port coverage
    v8.5 – Fixed issue with 2nd stage OSINT scans not running
    v8.5 – Added port values to sc0pe engine to define port numbers
    v8.5 – Fixed issue with LinkFinder not working
    v8.5 – Fixed issue with Javascript link parser
    v8.5 – Added phantomjs dependency to fix webscreenshots on Ubuntu
    v8.5 – Added http-default-accounts NMap NSE to check for default web credentials
    v8.5 – Fixed several issues with install.sh to resolve deps on Ubuntu and Kali 2020.2
    v8.5 – Removed larger wordlists to reduce install size of Sn1per
    v8.5 – Added 20+ new active/passive sc0pe templates
    v8.5 – Fixed issue with installer on latest Kali and Docker builds
    v8.5 – Fixed custom installer for Arachni
    v8.5 – Fixed Dockerfile with updated Kali image (CC. @stevemcilwain)

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top