{"id":3071,"date":"2018-01-05T04:31:46","date_gmt":"2018-01-05T04:31:46","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=3071"},"modified":"2018-01-05T04:31:46","modified_gmt":"2018-01-05T04:31:46","slug":"automated-pentest-recon-scanner","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=3071","title":{"rendered":"Sn1per &#8211; Automated Pentest Recon Scanner"},"content":{"rendered":"<p><strong>Sn1per<\/strong> \u2013 is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities, the tools include the following well-known tools like: nmap, arachni, amap, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto, wpscan and etc..<\/p>\n<p><strong>Features:<\/strong><\/p>\n<ul>\n<li>Automatically collects basic recon (ie. whois, ping, DNS, etc.)<\/li>\n<li>Automatically launches Google hacking queries against a target domain<\/li>\n<li>Automatically enumerates open ports via NMap port scanning<\/li>\n<li>Automatically brute forces sub-domains, gathers DNS info and checks for zone transfers<\/li>\n<li>Automatically checks for sub-domain hijacking<\/li>\n<li>Automatically runs targeted NMap scripts against open ports<\/li>\n<li>Automatically runs targeted Metasploit scan and exploit modules<\/li>\n<li>Automatically scans all web applications for common vulnerabilities<\/li>\n<li>Automatically brute forces ALL open services<\/li>\n<li>Automatically test for anonymous FTP access<\/li>\n<li>Automatically runs WPScan, Arachni and Nikto for all web services<\/li>\n<li>Automatically enumerates NFS shares<\/li>\n<li>Automatically test for anonymous LDAP access<\/li>\n<li>Automatically enumerate SSL\/TLS ciphers, protocols and vulnerabilities<\/li>\n<li>Automatically enumerate SNMP community strings, services and users<\/li>\n<li>Automatically list SMB users and shares, check for NULL sessions and exploit MS08-067<\/li>\n<li>Automatically exploit vulnerable JBoss, Java RMI and Tomcat servers<\/li>\n<li>Automatically tests for open X11 servers<\/li>\n<li>Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds<\/li>\n<li>Performs high level enumeration of multiple hosts and subnets<\/li>\n<li>Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting<\/li>\n<li>Automatically gathers screenshots of all web sites<\/li>\n<li>Create individual workspaces to store all scan output<\/li>\n<\/ul>\n<p>This application can be installed on any linux distro.<\/p>\n<p>For Kali Linux \/ Linux Distro<\/p>\n<pre>git clone https:\/\/github.com\/1N3\/Sn1per.git\ncd YOURE CATALOG\nchmod +x install.sh \n.\/install.sh\n\n<\/pre>\n<p>Docker Install:<br \/>\nDocker Install: <a href=\"https:\/\/github.com\/menzow\/sn1per-docker\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/github.com\/menzow\/sn1per-docker<\/a><\/p>\n<p>Docker Build: https:\/\/hub.docker.com\/r\/menzo\/sn1per-docker\/builds\/bqez3h7hwfun4odgd2axvn4\/<\/p>\n<p>Example usage:<\/p>\n<pre>$ docker pull menzo\/sn1per-docker\n$ docker run --rm -ti menzo\/sn1per-docker sniper menzo.io\n\n<\/pre>\n<p>usage:<\/p>\n<pre>sniper  \nsniper  stealth \nsniper  discover\nsniper  port  \nsniper  fullportonly \nsniper  web \nsniper  webporthttp \nsniper  webporthttps \nsniper  nobrute \nsniper  airstrike \nsniper  nuke \nsniper loot\nsniper update\n<\/pre>\n<p><strong><br \/>\nVideo Demo:<\/strong><\/p>\n<p><iframe title=\"Kali Linux Tools - SN1PER Automating the process of gathering information\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/nA_V_u3QZA4?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/github.com\/1N3\/Sn1per\">Download at Github:\u00a0https:\/\/github.com\/1N3\/Sn1per<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sn1per \u2013 is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities, the tools include the following well-known tools like: nmap, arachni, amap, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto, wpscan and etc.. Features: Automatically collects basic<\/p>\n","protected":false},"author":1,"featured_media":3072,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27,162,154,634,726],"tags":[422,277,741,566],"class_list":["post-3071","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-application","category-information-gathering","category-pentesting-tools","category-scanner","category-security-assessment-tool","tag-penetration","tag-scanner","tag-sn1per","tag-vulnerabilities"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/3071","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3071"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/3071\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3071"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3071"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3071"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}