“I originally created Sn1per because I didn’t want to run 10 different security tools and remember every command switch for each pentest I was doing. I wanted to be more efficient in the enumeration phase in order to save time and focus on other more manual aspects of penetration testing,” 1N3@CrowdShield, creator of Sn1per
[+] [-] Errorcod3|9 years ago|reply
Features
•Automatically collects basic recon (ie. whois, ping, DNS, etc.)
•Automatically launches Google hacking queries against a target domain
•Automatically enumerates open ports
•Automatically brute forces sub-domains and DNS info
•Automatically checks for sub-domain hijacking
•Automatically runs targeted nmap scripts against open ports
•Automatically runs targeted Metasploit scan and exploit modules
•Automatically scans all web applications for common vulnerabilities
•Automatically brute forces all open services
•Automatically exploit remote hosts to gain remote shell access
•Performs high level enumeration of multiple hosts
•Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds.