Sn1per
Sudomy
Our great sponsors
| Sn1per | Sudomy | |
|---|---|---|
| 5 | 3 | |
| 7,517 | 1,847 | |
| - | - | |
| 6.1 | 2.2 | |
| 24 days ago | 2 months ago | |
| Shell | Shell | |
| GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Sn1per
-
Surface management tools
For now the best tool I have found is this one: https://github.com/1N3/Sn1per
-
somone please help me improving my log file nom Parser code?
Starting PostgreSQL 13 database server: main. [94m[*][0m Loaded configuration file from /usr/share/sniper/sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Loaded configuration file from /root/.sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Saving loot to /usr/share/sniper/loot/workspace/nosva [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Scanning 192.158.1.38 [94m[[0m[92mOK[0m[94m][0m [91m ____ [0m [91m _________ / _/___ ___ _____[0m [91m / ___/ __ \ / // __ \/ _ \/ ___/[0m [91m (__ ) / / // // /_/ / __/ / [0m [91m /____/_/ /_/___/ .___/\___/_/ [0m [91m /_/ [0m [93m + -- --=[ https://sn1persecurity.com[0m [93m + -- --=[ Sn1per v9.0 by u/xer0dayz[0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE WEB VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, CSP Not Enforced, http://192.158.1.38/, P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE NETWORK VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, Interesting Ports Found, 192.158.1.38, 21 8080 9090 7070 [92m====================================================================================[0 m•x[92m[2022-08-22](15:56)[0mx• ==================================================================================== •?((¯°·..• Sc0pe Vulnerability Report by u/xer0dayz •._.·°¯))؟• ==================================================================================== Critical: 0 High: 1 Medium: 0 Low: 1 Info: 2 Score: 8 ==================================================================================== P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38:80/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, ==================================================================================== [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m SCAN COMPLETE! [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx•
-
Are there any good automated attack tools besides Pentera?
Sn1per https://github.com/1N3/Sn1per
-
Tools for github recon?
Sniper All-in-one Pentesting tool
-
WebMap : A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
This is awesome you have made your own tool a feat I have yet to do. If you are looking for pen-test automation you should check out Sn1per I love this tool.
Sudomy
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting
- Non brute-forcing options/strategies to find subdomains
-
Looking for an API like builtwith.com (let's you know what technology is behind website), but one that's opensource, or at least is more startup friendly ....
That said, keep in mind that not everything is going to find its way indexed in Google. If it's subdomains you're after, you can use tools like Sublist3r or Sudomy to pull data from multiple sources (not just DNS).
What are some alternatives?
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Sublist3r - Fast subdomains enumeration tool for penetration testers
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
Dome - Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
GhostRecon - Popular OSINT framework. Works fine with kali linux and other Debian-based systems. Coded this as a teen, so not really reliable for real researches.
eReKon - Yet another web recon tool, rebuilding on t3 stack
SEF - SEF is a Subdomain Enumeration Framework that covers passive, active & permuted enumeration