{"id":20900011,"url":"https://github.com/the404hacking/sn1per","last_synced_at":"2025-05-13T01:32:05.937Z","repository":{"id":109047771,"uuid":"103531862","full_name":"The404Hacking/Sn1per","owner":"The404Hacking","description":"Automated Pentest Recon Scanner","archived":false,"fork":false,"pushed_at":"2017-10-06T07:01:44.000Z","size":257,"stargazers_count":14,"open_issues_count":2,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-01T15:09:42.177Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/The404Hacking/sn1per-docker","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/The404Hacking.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-14T12:52:48.000Z","updated_at":"2024-04-13T11:26:14.000Z","dependencies_parsed_at":"2023-05-04T02:33:25.827Z","dependency_job_id":null,"html_url":"https://github.com/The404Hacking/Sn1per","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/The404Hacking%2FSn1per","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/The404Hacking%2FSn1per/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/The404Hacking%2FSn1per/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/The404Hacking%2FSn1per/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/The404Hacking","download_url":"https://codeload.github.com/The404Hacking/Sn1per/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253854014,"owners_count":21974210,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T11:17:26.630Z","updated_at":"2025-05-13T01:32:05.930Z","avatar_url":"https://github.com/The404Hacking.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"![alt tag](https://github.com/1N3/Sn1per/blob/master/Sn1per-logo.jpg)\n\n## ABOUT:\nSn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. \n\n## DEMO VIDEO:\n[![Sn1per Demo](https://img.youtube.com/vi/nA_V_u3QZA4/0.jpg)](https://www.youtube.com/watch?v=nA_V_u3QZA4)\n\n## FEATURES:\n* Automatically collects basic recon (ie. whois, ping, DNS, etc.)\n* Automatically launches Google hacking queries against a target domain\n* Automatically enumerates open ports via NMap port scanning\n* Automatically brute forces sub-domains, gathers DNS info and checks for zone transfers\n* Automatically checks for sub-domain hijacking\n* Automatically runs targeted NMap scripts against open ports\n* Automatically runs targeted Metasploit scan and exploit modules\n* Automatically scans all web applications for common vulnerabilities\n* Automatically brute forces ALL open services\n* Automatically test for anonymous FTP access\n* Automatically runs WPScan, Arachni and Nikto for all web services\n* Automatically enumerates NFS shares\n* Automatically test for anonymous LDAP access\n* Automatically enumerate SSL/TLS ciphers, protocols and vulnerabilities\n* Automatically enumerate SNMP community strings, services and users\n* Automatically list SMB users and shares, check for NULL sessions and exploit MS08-067\n* Automatically exploit vulnerable JBoss, Java RMI and Tomcat servers\n* Automatically tests for open X11 servers\n* Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds\n* Performs high level enumeration of multiple hosts and subnets\n* Automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting\n* Automatically gathers screenshots of all web sites\n* Create individual workspaces to store all scan output\n\n## KALI LINUX INSTALL:\n```\n./install.sh\n```\n\n## DOCKER INSTALL:\n\nDocker Install:\nhttps://github.com/The404Hacking/sn1per-docker\n\nDocker Build:\nhttps://hub.docker.com/r/menzo/sn1per-docker/builds/bqez3h7hwfun4odgd2axvn4/\n\nExample usage:\n```\n$ docker pull The404Hacking/sn1per-docker\n$ docker run --rm -ti The404Hacking/sn1per-docker sniper menzo.io\n```\n\n## USAGE:\n```\nsniper \u003ctarget\u003e \u003creport\u003e\nsniper \u003ctarget\u003e stealth \u003creport\u003e\nsniper \u003cCIDR\u003e discover\nsniper \u003ctarget\u003e port \u003cportnum\u003e \nsniper \u003ctarget\u003e fullportonly \u003cportnum\u003e\nsniper \u003ctarget\u003e web \u003creport\u003e\nsniper \u003ctarget\u003e nobrute \u003creport\u003e\nsniper \u003ctargets.txt\u003e airstrike \u003creport\u003e\nsniper \u003ctargets.txt\u003e nuke \u003creport\u003e\nsniper loot\nsniper update\n```\n\n### MODES:\n* **REPORT:** Outputs all results to text in the loot directory for later reference. To enable reporting, append 'report' to any sniper mode or command.\n* **STEALTH:** Quickly enumerate single targets using mostly non-intrusive scans to avoid WAF/IPS blocking\n* **DISCOVER:** Parses all hosts on a subnet/CIDR (ie. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans.\n* **PORT:** Scans a specific port for vulnerabilities. Reporting is not currently available in this mode.\n* **FULLPORTONLY:** Performs a full detailed port scan and saves results to XML.\n* **WEB:** Adds full automatic web application scans to the results (port 80/tcp \u0026 443/tcp only). Ideal for web applications but may increase scan time significantly.   \n* **NOBRUTE:** Launches a full scan against a target host/domain without brute forcing services.\n* **AIRSTRIKE:** Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts, IP's that need to be scanned and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning.\n* **NUKE:** Launch full audit of multiple hosts specified in text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke. \n* **LOOT:** Automatically organizes and displays loot folder in your browser and opens Metasploit Pro and Zenmap GUI with all port scan results. To run, type 'sniper loot'.\n* **UPDATE:** Checks for updates and upgrades all components used by sniper.\n\n## SAMPLE REPORT:\nhttps://github.com/The404Hacking/Sn1per/blob/master/Sn1per-v1.5-report\n\n## Download and Clone\n\u003e Download: [https://github.com/The404Hacking/Sn1per/archive/master.zip](https://github.com/The404Hacking/Sn1per/archive/master.zip)\n\n\u003e Clone: git clone [https://github.com/The404Hacking/Sn1per.git](https://github.com/The404Hacking/Sn1per.git)\n\n## The404Hacking | Digital UnderGround Team\n[The404Hacking](https://T.me/The404Hacking)\n\n## Follow us !\n[The404Hacking](https://T.me/The404Hacking) - [The404Cracking](https://T.me/The404Cracking)\n\n[Instagram](https://instagram.com/The404Hacking) - [GitHub](https://github.com/The404Hacking)\n\n[YouTube](http://yon.ir/youtube404) - [Aparat](http://www.aparat.com/The404Hacking)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthe404hacking%2Fsn1per","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthe404hacking%2Fsn1per","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthe404hacking%2Fsn1per/lists"}