CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
100.0%
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com.
SN1PER PROFESSIONAL FEATURES:
Professional reporting interface
Slideshow for all gathered screenshots
Searchable and sortable DNS, IP and open port database
Detailed host reports
NMap HTML host reports
Quick links to online recon tools and Google hacking queries
Takeovers and Email Security
HTML5 Notepad
ORDER SN1PER PROFESSIONAL:
To obtain a Sn1per Professional license, go to https://xerosecurity.com.
DEMO VIDEO:
SN1PER COMMUNITY FEATURES:
EXPLOITS:
KALI LINUX INSTALL:
bash install.sh
UBUNTU/DEBIAN/PARROT INSTALL:
bash install_debian_ubuntu.sh
DOCKER INSTALL:
docker build Dockerfile
USAGE:
[*] NORMAL MODE
sniper -t|--target <TARGET>
[*] NORMAL MODE + OSINT + RECON + FULL PORT SCAN + BRUTE FORCE
sniper -t|--target <TARGET> -o|--osint -re|--recon -fp|--fullportonly -b|--bruteforce
[*] STEALTH MODE + OSINT + RECON
sniper -t|--target <TARGET> -m|--mode stealth -o|--osint -re|--recon
[*] DISCOVER MODE
sniper -t|--target <CIDR> -m|--mode discover -w|--workspace <WORSPACE_ALIAS>
[*] FLYOVER MODE
sniper -t|--target <TARGET> -m|--mode flyover -w|--workspace <WORKSPACE_ALIAS>
[*] AIRSTRIKE MODE
sniper -f|--file /full/path/to/targets.txt -m|--mode airstrike
[*] NUKE MODE WITH TARGET LIST, BRUTEFORCE ENABLED, FULLPORTSCAN ENABLED, OSINT ENABLED, RECON ENABLED, WORKSPACE & LOOT ENABLED
sniper -f--file /full/path/to/targets.txt -m|--mode nuke -w|--workspace <WORKSPACE_ALIAS>
[*] SCAN ONLY SPECIFIC PORT
sniper -t|--target <TA RGET> -m port -p|--port <portnum>
[*] FULLPORTONLY SCAN MODE
sniper -t|--target <TARGET> -fp|--fullportonly
[*] PORT SCAN MODE
sniper -t|--target <TARGET> -m|--mode port -p|--port <PORT_NUM>
[*] WEB MODE - PORT 80 + 443 ONLY!
sniper -t|--target <TARGET> -m|--mode web
[*] HTTP WEB PORT HTTP MODE
sniper -t|--target <TARGET> -m|--mode webporthttp -p|--port <port>
[*] HTTPS WEB PORT HTTPS MODE
sniper -t|--target <TARGET> -m|--mode webporthttps -p|--port <port>
[*] WEBSCAN MODE
sniper -t|--target <TARGET> -m|--mode webscan
[*] ENABLE BRUTEFORCE
sniper -t|--target <TARGET> -b|--bruteforce
[*] ENABLE LOOT IMPORTING INTO METASPLOIT
sniper -t|--target <TARGET>
[*] LOOT REIMPORT FUNCTION
sniper -w <WORKSPACE_ALIAS> --reimport
[*] LOOT REIMPORTALL FUNCTION
sniper -w <WORKSPACE_ALIAS& gt; --reimportall
[*] DELETE WORKSPACE
sniper -w <WORKSPACE_ALIAS> -d
[*] DELETE HOST FROM WORKSPACE
sniper -w <WORKSPACE_ALIAS> -t <TARGET> -dh
[*] SCHEDULED SCANS'
sniper -w <WORKSPACE_ALIAS> -s daily|weekly|monthly'
[*] SCAN STATUS
sniper --status
[*] UPDATE SNIPER
sniper -u|--update
MODES:
SAMPLE REPORT:
https://gist.github.com/1N3/8214ec2da2c91691bcbc
Download Sn1per
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
100.0%