Hey Folks, in this tutorial we are going to talk about automated scanned tool called “Sn1per“. Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes.
Let’s take a look 🙂 !!
Installation
First of all we will download this tool using the git command and then go to the directory of this tool. As we told you this is an automated tool so it will be installed automatically after executing the bash command.
1 2 3 | git clone https://github.com/1N3/Sn1per.git cd Sn1per bash install.sh |
Hmm 🙂 !! This actually takes longer, but after the installation is complete you will be prompted to start this tool.
Done 🙂 !! Now we can lunch this tool from anywhere in our localhost system. Also you can identify all the features of this tool using the help command.
1 | sniper --help |
Host Scanner
We will start with a basic scan, for which we have to provide the target host description in the command. Let’s see what we get after using the basic scan feature of this tool.
1 | sniper -t < host address > |
Port Scanning
First it scanned all open, closed and filler services running on all target servers.
Also we can see the in-depth description of every services running on the target web server.
Vulnerability Exploiting
It has identified that ftp services running on port 21 are insecure due to which it has given us cmd shell to remotely control the entire web server.
Domain Scanner
We can scan any domain just like a host scan.
1 | sniper -t testphp.vulnweb.com |
After entering the domain details, it will dump all the in-depth details about the services running on the target web server.
WAF Detection
Also if a firewall is available on a web application it will easily detect it, but in our case firewall protection is not available on target web server.
Website Technology
We can also see all the technologies with the help of which web applications have been built.
OSINT and Reconnaissance
Both OSINT and reconnaissance feature is available in this tool which you can use by adding the following parameters after setting the target.
1 | sniper -t testphp.vulnweb.com -o -re |
WHOIS Information
WHOIS is an Internet service used to look up information about a domain name.
Web Application Vulnerability
It will try to find various -2 types of vulnerabilities in a web application by automatically adding payloads one by one.
As you can see it has found vulnerability of sql injection in web application.
Also the web applcation is vulnerable to the cross site scripting vulnerabiltiy (XSS).
Similarly, this tool has many features that you can use one by one.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.