Penetration Test con Sn1per

Sn1per es un scanner automatizado para realizar Penetration Test y sobre todo las tareas de enumeración y análisis de vulnerabilidades.

git clone 

Las herramientas incluidas en Sn1per son las siguientes:

  • Collects basic recon (ie. whois, ping, DNS, etc.)
  • Launches Google hacking queries against a target domain
  • Enumerates open ports via NMap port scanning
  • Brute forces sub-domains, gathers DNS info and checks for zone transfers
  • Checks for sub-domain hijacking
  • Runs targeted NMap scripts against open ports
  • Runs targeted Metasploit scan and exploit modules
  • Scans all web applications for common vulnerabilities
  • Brute forces ALL open services
  • Test for anonymous FTP access
  • Runs WPScan, Arachni and Nikto for all web services
  • Enumerates NFS shares
  • Test for anonymous LDAP access
  • Enumerate SSL/TLS ciphers, protocols and vulnerabilities
  • Enumerate SNMP community strings, services and users
  • List SMB users and shares, check for NULL sessions and exploit MS08-067
  • Exploit vulnerable JBoss, Java RMI and Tomcat servers
  • Tests for open X11 servers
  • Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
  • Performs high level enumeration of multiple hosts and subnets
  • Integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
  • Gathers screenshots of all web sites
  • Create individual workspaces to store all scan output


  • “}else{if(A==6){c+=’

  • “+w+’‘+u+”“+y+”
  • “}else{c+=’

  • “+w+”
  • “}}}}}s.innerHTML=c+=””+y;d.callBack()};randomRelatedIndex=h;showRelatedPost=g;j(d.homePage.replace(//$/,””)+”/feeds/posts/summary”+e+”?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex”)})(window,document,document.getElementsByTagName(“head”)[0]);


    Source link

    Dejar una respuesta