Sn1per
nuclei-templates
Our great sponsors
Sn1per | nuclei-templates | |
---|---|---|
5 | 13 | |
7,517 | 8,024 | |
- | 3.7% | |
6.1 | 10.0 | |
26 days ago | 6 days ago | |
Shell | JavaScript | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Sn1per
-
Surface management tools
For now the best tool I have found is this one: https://github.com/1N3/Sn1per
-
somone please help me improving my log file nom Parser code?
Starting PostgreSQL 13 database server: main. [94m[*][0m Loaded configuration file from /usr/share/sniper/sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Loaded configuration file from /root/.sniper.conf [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Saving loot to /usr/share/sniper/loot/workspace/nosva [94m[[0m[92mOK[0m[94m][0m [94m[*][0m Scanning 192.158.1.38 [94m[[0m[92mOK[0m[94m][0m [91m ____ [0m [91m _________ / _/___ ___ _____[0m [91m / ___/ __ \ / // __ \/ _ \/ ___/[0m [91m (__ ) / / // // /_/ / __/ / [0m [91m /____/_/ /_/___/ .___/\___/_/ [0m [91m /_/ [0m [93m + -- --=[ https://sn1persecurity.com[0m [93m + -- --=[ Sn1per v9.0 by u/xer0dayz[0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE WEB VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, CSP Not Enforced, http://192.158.1.38/, P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m RUNNING SC0PE NETWORK VULNERABILITY SCAN [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• P5 - INFO, Interesting Ports Found, 192.158.1.38, 21 8080 9090 7070 [92m====================================================================================[0 m•x[92m[2022-08-22](15:56)[0mx• ==================================================================================== •?((¯°·..• Sc0pe Vulnerability Report by u/xer0dayz •._.·°¯))؟• ==================================================================================== Critical: 0 High: 1 Medium: 0 Low: 1 Info: 2 Score: 8 ==================================================================================== P2 - HIGH, Clear-Text Protocol - HTTP, http://192.158.1.38:80/, HTTP/1.1 200 OK P4 - LOW, Clickjacking HTTP, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, http://192.158.1.38:80/, P5 - INFO, CSP Not Enforced, https://192.158.1.38:443/, ==================================================================================== [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx• [91m SCAN COMPLETE! [0m [92m====================================================================================[0m•x[92m[2022-08-22](15:56)[0mx•
-
Are there any good automated attack tools besides Pentera?
Sn1per https://github.com/1N3/Sn1per
-
Tools for github recon?
Sniper All-in-one Pentesting tool
-
WebMap : A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
This is awesome you have made your own tool a feat I have yet to do. If you are looking for pen-test automation you should check out Sn1per I love this tool.
nuclei-templates
-
Script kiddie tools preferred by the hackers of this channel?
Check https://github.com/projectdiscovery/nuclei mostly for CVEs.
-
Link CVE to installed applications?
Otherwise your on the right path checkout the open source Greenbones OpenVAS (this was Nessus before they closed source and became corporate) or Project Discovery Nuclei
-
Attack simulation tool based on CVE
Nmap can run scripts that trigger NIPS, as does Nuclei. https://nmap.org/ & https://github.com/projectdiscovery/nuclei you can look at a list of vuln scanners here. https://owasp.org/www-community/Vulnerability_Scanning_Tools. Nessus would be a common one to look at for Enterprise. Rapid 7, Qualys.
-
XSS vulnerabilities discovered in ServiceNow - CVE-2022-38463
I created a nuclei template and scanned the bug bounty programs with nuclei and found that many companies were vulnerable to this.
- Are there any good automated attack tools besides Pentera?
-
Free vulnerability scanners
Nuclei might be a good option: https://github.com/projectdiscovery/nuclei
-
Spring4Shell: An Application Vulnerable to RCE
Recently one of the security researchers has built a Nuclei Template to Detect Spring4Shell, This template can be easily run to scan for Spring4Shell on your Networking, routing, or security devices inside your network. Template Link: https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2022/CVE-2022-22965.yaml
- GitHub - projectdiscovery/nuclei: Fast and customizable vulnerability scanner based on simple YAML based DSL.
-
Almost every publicly available CVE PoC
For a curated collection of CVE PoCs that is continuously updated by the bug bounty community, check out the projectdiscovery nuclei repo: https://github.com/projectdiscovery/nuclei-templates/tree/ma...
-
Log4j RCE Found
https://github.com/google/tsunami-security-scanner (I bet it would be easy to write a plugin for https://github.com/projectdiscovery/nuclei as well.)
To see if there are injection points statically, I work on a tool (https://github.com/returntocorp/semgrep) that someone else already wrote a check with: https://twitter.com/lapt0r/status/1469096944047779845 or look for the mitigation with `semgrep -e '$LOGGER.formatMsgNoLookups(true)' --lang java`. For the mitigation, the string should be unique enough that just ripgrep works well too.
What are some alternatives?
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Awesome-Bugbounty-Writeups - A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
Apache Log4j 2 - Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
GhostRecon - Popular OSINT framework. Works fine with kali linux and other Debian-based systems. Coded this as a teen, so not really reliable for real researches.
apache-log4j-poc - Apache Log4j 远程代码执行
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed - This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.
Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Spring4Shell-POC - This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).