Sn1per – Automated Pentest Framework

Hey Folks, in this tutorial we are going to talk about automated scanned tool called “Sn1per“. Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes.

Let’s take a look 🙂 !!

Installation

First of all we will download this tool using the git command and then go to the directory of this tool. As we told you this is an automated tool so it will be installed automatically after executing the bash command.

git clone https://github.com/1N3/Sn1per.git
cd Sn1per
bash install.sh

Hmm 🙂 !! This actually takes longer, but after the installation is complete you will be prompted to start this tool.

Done 🙂 !! Now we can lunch this tool from anywhere in our localhost system. Also you can identify all the features of this tool using the help command.

sniper --help

Host Scanner

We will start with a basic scan, for which we have to provide the target host description in the command. Let’s see what we get after using the basic scan feature of this tool.

sniper -t < host address >

Port Scanning

First it scanned all open, closed and filler services running on all target servers.

Also we can see the in-depth description of every services running on the target web server.

Vulnerability Exploiting

It has identified that ftp services running on port 21 are insecure due to which it has given us cmd shell to remotely control the entire web server.

Domain Scanner

We can scan any domain just like a host scan.

sniper -t testphp.vulnweb.com

After entering the domain details, it will dump all the in-depth details about the services running on the target web server.

WAF Detection

Also if a firewall is available on a web application it will easily detect it, but in our case firewall protection is not available on target web server.

Website Technology

We can also see all the technologies with the help of which web applications have been built.

OSINT and Reconnaissance

Both OSINT and reconnaissance feature is available in this tool which you can use by adding the following parameters after setting the target.

sniper -t testphp.vulnweb.com -o -re

WHOIS Information

WHOIS is an Internet service used to look up information about a domain name.

Web Application Vulnerability

It will try to find various -2 types of vulnerabilities in a web application by automatically adding payloads one by one.

As you can see it has found vulnerability of sql injection in web application.

Also the web applcation is vulnerable to the cross site scripting vulnerabiltiy (XSS).

Similarly, this tool has many features that you can use one by one.