Sn1per es un scanner automatizado para realizar Penetration Test y sobre todo las tareas de enumeración y análisis de vulnerabilidades.

git clone https://github.com/1N3/Sn1per.git 
 ./install.sh
 sniper blabla.com

Las herramientas incluidas en Sn1per son las siguientes:

• Collects basic recon (ie. whois, ping, DNS, etc.)
• Launches Google hacking queries against a target domain
• Enumerates open ports via NMap port scanning
• Brute forces sub-domains, gathers DNS info and checks for zone transfers
• Checks for sub-domain hijacking
• Runs targeted NMap scripts against open ports
• Runs targeted Metasploit scan and exploit modules
• Scans all web applications for common vulnerabilities
• Brute forces ALL open services
• Test for anonymous FTP access
• Runs WPScan, Arachni and Nikto for all web services
• Enumerates NFS shares
• Test for anonymous LDAP access
• Enumerate SSL/TLS ciphers, protocols and vulnerabilities
• Enumerate SNMP community strings, services and users
• List SMB users and shares, check for NULL sessions and exploit MS08-067
• Exploit vulnerable JBoss, Java RMI and Tomcat servers
• Tests for open X11 servers
• Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
• Performs high level enumeration of multiple hosts and subnets
• Integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
• Gathers screenshots of all web sites
• Create individual workspaces to store all scan output