docker run -it --rm xer0dayz/sn1per /sniper/sniper -t <target_url>

Description

Sn1per is an automated scanner that can automate the process of collecting data for the exploration and penetration testing.

In their work sn1per involves such well-known tools like: amap, arachni, amap, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto, wpscan.d during a penetration test to enumerate and scan for vulnerabilities.

Features:

Attack Surface Discovery

Easily discover the attack surface (IPs, domain names, open ports, HTTP headers, etc.).

Penetration Testing

Automate the discovery of vulnerabilities and ethical exploitation using the latest hacking and open source security tools.

Visual Recon

Perform visual recon against all hosts in your workspace using the Slideshow widget and thumbnails.

IT Asset Inventory

Search, sort and filter for DNS, IP, title, status, server headers, WAF and open TCP/UDP ports of the entire attack surface inventory.

Red Team

Strengthen "blue team" response and detection capabilities against automated penetration testing techniques.

Notepad

Store and access multiple notes in a single location to help manage your data and keep things organized.

Vulnerability Management

Quickly scan for the latest vulnerabilities and CVEs using the latest commercial and open source vulnerability scanners.

Web Application Scans

Launch web application scans via Burpsuite Professional 2.x, Arachni and Nikto.

Reporting

Export the entire attack surface host list and vulnerability reports to CSV, XLS or PDF format to filter, sort and view all attack surface data.

OSINT Collection

Collect online documents, meta data, email addresses and contact information automatically.

Continuous Scan Coverage

Schedule scans on a daily, weekly or monthly basis for continuous coverage for changes.

Bug Bounty

Automate the discovery of the attack surface and scan for the latest vulnerabilities and CVEs easily.

Notifications & Changes

Receive notifications for scan and host status changes, URL and domain changes and new vulnerabilities discovered.

Domain Takeovers

List all DNS records vulnerable to domain hijacking and takeover.