White Hat Institute

Sn1per - Automate information gathering and penetration testing

Sn1per Community Edition is a computerized scanner that can be utilized during a penetration test to list and sweep for vulnerabilities. Sn1per Professional is Xero Security’s top-notch revealing addon for Professional Penetration Testers, Bug Bounty Researchers, and Corporate Security groups to oversee large environments and pentest scopes.

Visit the GitHub page https://github.com/1N3/Sn1per to download the tool.

Sn1per

Clone the tool into the “/opt” directory.

Ex: ([email protected]:/opt# git clone https://github.com/1N3/Sn1per.git).

Then navigate to the “Sn1per” folder and run the installation file.

Ex: ([email protected]:/opt/Sn1per# ./install.sh).

To start the tool, use the following command: ([email protected]:/opt/Sn1per# ./sniper –help), “–help” option will show you the help menu and usage information.

Sn1per 2

Let’s see this tool in action and scan the target.

Ex: ([email protected]:/opt/Sn1per# ./sniper -t example.com).

Sn1per 3

As you can see, Sn1per provides a lot of details on open ports, running services, OS details, and many more. It even generates a link for you and provides a visual representation of the findings.

Sn1per 4

Click on the link, and it’ll take you to the searchable and sortable DNS, IP, and open ports database. Sn1per quickly filters and searches for DNS, IP address, HTTP Title and Server headers, WAF detection, open TCP/UDP ports, and scan modes.

Sn1per 5

This tool can also check if the targets in your workspace are vulnerable to email spoofing via a lack of SPF/DMARC/DKIM records. It can list all CNAME records known to be susceptible to domain hijacking and takeover. Sn1per can perform dangerous tasks on the recon field and is suggested to add this tool to your arsenal. For more information on “Sn1per pro,” visit the “https://xerosecurity.com/wordpress/.”