Sn1per v1.4 by 1N3@CrowdShield

zxc2007 · Nov 30, 2015 · 8566632 · 8566632
1 parent 19e9677
commit 8566632
Show file tree

Hide file tree

Showing 6 changed files with 180 additions and 68 deletions.
diff --git a/README.md b/README.md
@@ -1,25 +1,37 @@
-+ -- --=[Sn1per v1.3 by 1N3
++ -- --=[Sn1per v1.4 by 1N3
 + -- --=[http://crowdshield.com
 
-Sn1per - Automated Pentest Recon Scanner
+# Sn1per - Automated Pentest Recon Scanner
 
-ABOUT:
+## ABOUT:
 Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. 
 
-FEATURES:
-- Automatically collects basic recon (ie. whois, ping, DNS, etc.)
-- Automatically launches Google hacking queries against a target domain
-- Automatically enumerates open ports
-- Automatically brute forces sub-domains and DNS info
-- Automatically runs targeted nmap scripts against open ports
-- Automatically scans all web applications for common vulnerabilities
-- Automatically brute forces all open services
+## FEATURES:
+* Automatically collects basic recon (ie. whois, ping, DNS, etc.)
+* Automatically launches Google hacking queries against a target domain
+* Automatically enumerates open ports
+* Automatically brute forces sub-domains and DNS info
+* Automatically runs targeted nmap scripts against open ports
+* Automatically scans all web applications for common vulnerabilities
+* Automatically brute forces all open services
 
-INSTALL:
+## INSTALL:
+```
 ./install.sh - Installs all dependencies. Best run from Kali Linux. 
+```
 
-USAGE:
+## USAGE:
+```
 ./sn1per <target>
+```
+
+## SAMPLE REPORT:
+https://goo.gl/96LCAg
+
+## CHANGELOG:
+* v1.4 - Added Yasou for automatic web form brute forcing
+* v1.4 - Added MassBleed for SSL vulnerability detection
+* v1.4 - Added Breach-Miner for detection of breached accounts
+* v1.4 - Fixed minor errors with nmap
+* v1.4 - Removed debug output from goohak from displaying on console
 
-SAMPLE REPORT:
-https://gist.githubusercontent.com/1N3/070d14c364e5f23bfe5e/raw/8e152e740ba50cd49bb3366ec91cf7d08ca02715/Sn1per%2520Sample%2520Report
diff --git a/install.sh b/install.sh
@@ -2,13 +2,17 @@
 # Install script for sn1per
 #
 echo "Installing sn1per dependencies..."
-apt-get install host whois theharvester dnsenum curl nmap php5 php5-curl wapiti hydra iceweasel wpscan sqlmap arachni w3af golismero nbtscan enum4linux cisco-torch metasploit-framework theharvester nmap dnsenum nikto smtp-user-enum whatweb python nbtscan sslscan amap
+apt-get install host whois theharvester dnsenum dnsrecon curl nmap php5 php5-curl wapiti hydra iceweasel wpscan sqlmap arachni w3af golismero nbtscan enum4linux cisco-torch metasploit-framework theharvester nmap dnsenum nikto smtp-user-enum whatweb python nbtscan sslscan amap
 git clone https://github.com/1N3/Findsploit.git
 git clone https://github.com/1N3/BruteX.git
 git clone https://github.com/1N3/Goohak.git
+cp Goohak/goohak /usr/bin/ -f
 git clone https://github.com/1N3/XSSTracer.git
+git clone https://github.com/1N3/MassBleed.git
 git clone https://github.com/1N3/SuperMicro-Password-Scanner
 git clone https://github.com/Dionach/CMSmap.git
+git clone https://github.com/0xsauby/yasuo.git
+git clone https://github.com/vishnuraju/Breach-Miner-automated-.git Breach-Miner
 mkdir loot
 chmod +rx sniper
 echo "Be sure to install the following packages manually and update the sniper script references: dig dnsdict6 cmsmap samrdump inurlbr wafw00f showmount samrdump rpcinfo snmpwalk"

diff --git a/loot/.fuse_hidden0000c11500000002 b/loot/.fuse_hidden0000c11500000002
@@ -0,0 +1,2 @@
+
+Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-10-03 19:12 EDT
diff --git a/loot/README b/loot/README
diff --git a/loot/README.md b/loot/README.md
@@ -0,0 +1,37 @@
++ -- --=[Sn1per v1.4 by 1N3
++ -- --=[http://crowdshield.com
+
+# Sn1per - Automated Pentest Recon Scanner
+
+## ABOUT:
+Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. 
+
+## FEATURES:
+* Automatically collects basic recon (ie. whois, ping, DNS, etc.)
+* Automatically launches Google hacking queries against a target domain
+* Automatically enumerates open ports
+* Automatically brute forces sub-domains and DNS info
+* Automatically runs targeted nmap scripts against open ports
+* Automatically scans all web applications for common vulnerabilities
+* Automatically brute forces all open services
+
+## INSTALL:
+```
+./install.sh - Installs all dependencies. Best run from Kali Linux. 
+```
+
+## USAGE:
+```
+./sn1per <target>
+```
+
+## SAMPLE REPORT:
+https://goo.gl/96LCAg
+
+## CHANGELOG:
+* v1.4 - Added Yasou for automatic web form brute forcing
+* v1.4 - Added MassBleed for SSL vulnerability detection
+* v1.4 - Added Breach-Miner for detection of breached accounts
+* v1.4 - Fixed minor errors with nmap
+* v1.4 - Removed debug output from goohak from displaying on console
+
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@

		Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-10-03 19:12 EDT