FEATURES:
sniper <target> <report>
sniper <target> stealth <report>
sniper <CIDR> discover
sniper <target> port <portnum>
sniper <target> fullportonly <portnum>
sniper <target> web <report>
sniper <target> nobrute <report>
sniper <targets.txt> airstrike <report>
sniper <targets.txt> nuke <report>
sniper loot
MODES:
REPORT: Outputs all results to text in the loot directory for later reference. To enable reporting, append ‘report’ to any sniper mode or command.
STEALTH: Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking
DISCOVER: Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.
PORT: Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.
FULLPORTONLY: Performs a full detailed port scan and saves results to XML.
WEB: Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.
NOBRUTE: Launches a full scan against a target host/domain without brute forcing services.
AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IP’s that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.
NUKE: Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke.
LOOT: Automatically organizes and displays loot folder in your browser and opens Metasploit Pro and Zenmap GUI with all port scan results. To run, type ‘sniper loot’.
Virustotal Link: https://www.virustotal.com/nl/file/c3fba...556403159/
Download Link:
Step 2: chmod +x install.sh
Step 3: ./install.sh
Step 4: After install, it will open automatically.
Step 5: for usage against a site: type sniper [SITE].com (FILL IN SITENAME INSTEAD OF [SITE])
Enjoy
- Automatically collects basic recon (ie. whois, ping, DNS, etc.)
- Automatically launches Google hacking queries against a target domain
- Automatically enumerates open ports
- Automatically brute forces sub-domains and DNS info
- Automatically checks for sub-domain hijacking
- Automatically runs targeted NMap scripts against open ports
- Automatically runs targeted Metasploit scan and exploit modules
- Automatically scans all web applications for common vulnerabilities
- Automatically brute forces all open services
- Automatically exploit remote hosts to gain remote shell access
- Performs high level enumeration of multiple hosts
- Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
- Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
- Create individual workspaces to store all scan output
sniper <target> <report>
sniper <target> stealth <report>
sniper <CIDR> discover
sniper <target> port <portnum>
sniper <target> fullportonly <portnum>
sniper <target> web <report>
sniper <target> nobrute <report>
sniper <targets.txt> airstrike <report>
sniper <targets.txt> nuke <report>
sniper loot
MODES:
REPORT: Outputs all results to text in the loot directory for later reference. To enable reporting, append ‘report’ to any sniper mode or command.
STEALTH: Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking
DISCOVER: Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.
PORT: Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.
FULLPORTONLY: Performs a full detailed port scan and saves results to XML.
WEB: Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly.
NOBRUTE: Launches a full scan against a target host/domain without brute forcing services.
AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IP’s that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.
NUKE: Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke.
LOOT: Automatically organizes and displays loot folder in your browser and opens Metasploit Pro and Zenmap GUI with all port scan results. To run, type ‘sniper loot’.
Virustotal Link: https://www.virustotal.com/nl/file/c3fba...556403159/
Download Link:
Step 2: chmod +x install.sh
Step 3: ./install.sh
Step 4: After install, it will open automatically.
Step 5: for usage against a site: type sniper [SITE].com (FILL IN SITENAME INSTEAD OF [SITE])
Enjoy