Find website security vulnerabilities using the scanning tool SN1PER
In today’s cyber landscape, many attackers use exposed information to find vulnerabilities and exploit an organization’s systems, websites and so on. An information gathering tool is therefore important for an organization, so that it can learn where the loopholes in its systems are. We will see how to find website security vulnerabilities using the scanning tool SN1PER.
This article covers information gathering and pen testing with the tool named Sn1per, including its modes and the commands used to collect data.
What is Information Gathering?
Information gathering, in the context of the Sn1per tool, is the collection of data about the target website, such as its IP addresses, name, address, target ports and open port numbers.
What is a pen test?
A pen test is a penetration test. It is the process of finding vulnerabilities in a security system or in an organization’s operating systems that an attacker could exploit. There are different types of pen test.
Website vulnerability scanner tool- Sn1per
Sn1per is an automated tool, created by 1N3, that collects information for exploration and penetration testing. It collects active as well as passive information about the target. It also includes many well-known tools, such as amap, arachni, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap, smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto and wpscan, which are used during a penetration test to enumerate and scan for vulnerabilities.
Features of SN1PER
The following features are provided by Sn1per:
1. It automatically collects recon (i.e. whois, ping, DNS, etc.)
2. It automatically launches Google hacking queries against a target domain
3. It automatically enumerates open ports
4. It automatically brute forces sub-domains and DNS info
5. It automatically checks for sub-domain hijacking
6. It automatically runs targeted Nmap scripts against open ports
7. It automatically runs targeted Metasploit scan and exploit modules
8. It automatically scans all web applications for common vulnerabilities
9. It automatically brute forces all open services
10. It automatically exploits remote hosts to gain remote shell access
11. It performs high-level enumeration of multiple hosts
12. It includes auto-pwn for Metasploitable, ShellShock, MS08-067 and default Tomcat credentials
13. It automatically integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
14. It creates individual workspaces to store all scan output
Installation of Sn1per
Open Firefox in Kali Linux, type https://github.com/1N3/Sn1per in the URL bar, click Clone/Download and copy the HTTPS clone link.
Open the terminal and run git clone followed by the copied link.
In the terminal, change into the directory where the repository was cloned to continue the installation.
Run ls, then chmod +x install.sh, then ./install.sh and press Enter; the installer will ask for permission to continue.
The ls command lists the contents of a directory (its files and subdirectories).
To continue, press y, and then press Y again to complete the installation process.
Modes of SN1PER
1. REPORT: Outputs all results to text in the loot directory for later reference. To enable reporting, append ‘report’ to any sniper mode or command. Command: sniper <target> <report>
2. STEALTH: Quickly enumerates single targets using mostly non-intrusive scans to avoid WAF/IPS blocking. Command: sniper <target> stealth <report>
3. DISCOVER: Parses all hosts on a subnet/CIDR (i.e. 192.168.0.0/16) and initiates a sniper scan against each host. Useful for internal network scans. Command: sniper <CIDR> discover
4. PORT: Scans a specific port for vulnerabilities. Reporting is not currently available in this mode. Command: sniper <target> port <portnum>
5. FULLPORTONLY: Performs a full detailed port scan and saves results to XML. Command: sniper <target> fullportonly <portnum>
6. WEB: Adds full automatic web application scans to the results (port 80/tcp & 443/tcp only). Ideal for web applications but may increase scan time significantly. Command: sniper <target> web <report>
7. WEBPORTHTTP: Launches a full HTTP web application scan against a specific host and port. Command: sniper <target> webporthttp <port>
8. WEBPORTHTTPS: Launches a full HTTPS web application scan against a specific host and port. Command: sniper <target> webporthttps <port>
9. NOBRUTE: Launches a full scan against a target host/domain without brute forcing services. Command: sniper <target> nobrute <report>
10. AIRSTRIKE: Quickly enumerates open ports/services on multiple hosts and performs basic fingerprinting. To use, specify the full location of the file which contains all hosts and IPs that need to be scanned, and run ./sn1per /full/path/to/targets.txt airstrike to begin scanning. Command: sniper <target.txt> airstrike <report>
11. NUKE: Launches a full audit of multiple hosts specified in the text file of choice. Usage example: ./sniper /pentest/loot/targets.txt nuke. Command: sniper <target.txt> nuke <report>
12. LOOT: Automatically organizes and displays the loot folder in your browser and opens Metasploit Pro and Zenmap GUI with all port scan results. Command: sniper loot
13. UPDATE: Checks for updates and upgrades all components used by sniper. Command: sniper update
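An added example (not part of the original article and not Sn1per's own code): before a targets file is passed to the AIRSTRIKE or NUKE modes, or a CIDR to DISCOVER, each entry can be checked against the authorized scope of the engagement. The scope networks, scope domain, function names and sample file contents below are constructed assumptions.

```python
import ipaddress

# Constructed engagement scope (assumption): replace with the ranges and
# domains named in the written authorization for the test.
SCOPE_NETS = [ipaddress.ip_network("192.168.10.0/24")]
SCOPE_DOMAINS = ["example.test"]


def in_scope(entry, nets=SCOPE_NETS, domains=SCOPE_DOMAINS):
    """Return True if one targets-file entry lies inside the scope."""
    try:
        # Accepts a single IP ("192.168.10.5") or a CIDR ("192.168.10.0/28").
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        # Not an IP/CIDR: treat as hostname, match exactly or as a subdomain.
        host = entry.lower().rstrip(".")
        return any(host == d or host.endswith("." + d) for d in domains)
    # The whole range must sit inside one authorized network.
    return any(net.version == s.version and net.subnet_of(s) for s in nets)


def split_targets(lines):
    """Split targets-file lines into (allowed, rejected), skipping blanks/comments."""
    allowed, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        (allowed if in_scope(entry) else rejected).append(entry)
    return allowed, rejected


# Constructed sample targets.txt content.
SAMPLE = """\
# web tier
192.168.10.5
192.168.10.0/28
192.168.0.0/16
10.0.0.7
shop.example.test
example.test.evil.invalid
"""

if __name__ == "__main__":
    ok, bad = split_targets(SAMPLE.splitlines())
    print("in scope:    ", ok)
    print("out of scope:", bad)
```

Note that 192.168.0.0/16 is rejected because it is wider than the authorized /24, and the look-alike hostname is rejected because it only contains the scope domain rather than ending in it.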
NOTE: For security reasons, we cannot show an actual scan of any targeted website. We have shown how to install the website vulnerability scanner Sn1per, followed by some of its scanning modes; you just have to type those commands in the terminal.
For example, the report syntax helps collect information about the target, including open port numbers, name, address, virtual host names, IPs and much other information, by running the command: sniper <target> <report>
We hope you now have a better understanding of how to find website security vulnerabilities using the scanning tool SN1PER.