Sn1per Community Edition is a computerized scanner that can be utilized during a penetration test to list and sweep for vulnerabilities. Sn1per Professional is Xero Security’s top-notch revealing addon for Professional Penetration Testers, Bug Bounty Researchers, and Corporate Security groups to oversee large environments and pentest scopes.
Visit the GitHub page “https://github.com/1N3/Sn1per” to download the tool.
Clone the tool into the “/opt” directory.
Ex: (root@kali:/opt# git clone https://github.com/1N3/Sn1per.git).
Then navigate to the “Sn1per” folder and run the installation file.
Ex: (root@kali:/opt/Sn1per# ./install.sh).
To start the tool, use the following command: (root@kali:/opt/Sn1per# ./sniper –help), “–help” option will show you the help menu and usage information.
Let’s see this tool in action and scan the target.
Ex: (root@kali:/opt/Sn1per# ./sniper -t example.com).
As you can see, Sn1per provides a lot of details on open ports, running services, OS details, and many more. It even generates a link for you and provides a visual representation of the findings.
Click on the link, and it’ll take you to the searchable and sortable DNS, IP, and open ports database. Sn1per quickly filters and searches for DNS, IP address, HTTP Title and Server headers, WAF detection, open TCP/UDP ports, and scan modes.
This tool can also check if the targets in your workspace are vulnerable to email spoofing via a lack of SPF/DMARC/DKIM records. It can list all CNAME records known to be susceptible to domain hijacking and takeover. Sn1per can perform dangerous tasks on the recon field and is suggested to add this tool to your arsenal. For more information on “Sn1per pro,” visit the “https://xerosecurity.com/wordpress/.”