Sn1per Versions

Attack Surface Management Platform

v9.2

7 months ago

CHANGELOG:

  • v9.2 - Added Tomba.io API integration via OSINT mode (Credit: @benemohamed)
  • v9.2 - Fixed issue with gau tool not installing and updated GAU setting in confs
  • v9.2 - Updated python2 to python3
  • v9.2 - Removed Slurp tool
  • v9.2 - Added BlackArch Dockerfile (Credit: @AnonymousWP)
  • v9.2 - Updated Dockerfile to latest Kali release (Credit: @AnonymousWP)

v9.1

1 year ago

CHANGELOG:

  • v9.1 - Fixed issue with dirsearch installation/command syntax update
  • v9.1 - Updated Nuclei sc0pe templates
  • v9.1 - Fixed issue with Nuclei sc0pe parsers not working
  • v9.1 - Fixed issue with GAU installer/command not working
  • v9.1 - Fixed issue with passive URL fetching
  • v9.1 - Fixed issue with nuclei not being installed
  • v9.1 - Removed error in hackertarget URL fetching
  • v9.1 - Added dnsutils to installer to fix missing deps
  • v9.1 - Fixed issue with gau in webscan modes not running
  • v9.1 - Updated subfinder to latest version
  • v9.1 - Added new email spoofing security checks to OSINT mode (-o)
  • v9.1 - Removed spoofcheck.py
  • v9.1 - Updated curl timeout settings, which were causing sockets/scans to hang
  • v9.1 - Fixed issue with Nuclei symlink missing in installer
  • v9.1 - Fixed issue with Nuclei sc0pe parser not parsing results correctly
  • v9.1 - Fixed issue with Dirsearch not running due to invalid command settings
  • v9.1 - Fixed issue with Nuclei templates not being installed
  • v9.1 - Fixed issue with enum4linux command not being installed
  • v9.1 - Fixed HackerTarget API integration
  • v9.1 - Fixed issue with ping command not being installed
  • v9.1 - Fixed issue with carriage returns in conf
  • v9.1 - Fixed issue with DNS resolution in 'discover' mode scans causing duplicate hosts
  • v9.1 - Fixed issue with bruteforce running automatically due to changes in conf file
  • v9.1 - Added verbose scan notifications for disabled conf options
  • v9.1 - Updated default aux mode options in default sniper.conf

v9.0

3 years ago

CHANGELOG:

  • v9.0 - Added Fortinet FortiGate SSL VPN Panel Detected sc0pe template
  • v9.0 - Added CVE-2020-17519 - Apache Flink Path Traversal sc0pe template
  • v9.0 - Added RabbitMQ Management Interface Detected sc0pe template
  • v9.0 - Added CVE-2020-29583 Zyxel SSH Hardcoded Credentials via BruteX
  • v9.0 - Removed vulnscan NMap CSV updates/downloads to save space/bandwidth
  • v9.0 - Added Nuclei sc0pe parser
  • v9.0 - Added Nuclei vulnerability scanner
  • v9.0 - Added WordPress WPScan sc0pe vulnerability parser
  • v9.0 - Fixed issue with wrong WPScan API key command
  • v9.0 - Added CVE-2020-11738 - WordPress Duplicator plugin Directory Traversal sc0pe template
  • v9.0 - Renamed AUTO_VULNSCAN setting to "VULNSCAN" in sniper.conf to perform vulnerability scans via 'normal' mode

v8.9

3 years ago

CHANGELOG:

  • v8.9 - Tuned sniper.conf around performance for all scans and recon modes
  • v8.9 - Added out of scope options to sniper.conf
  • v8.9 - Added automatic HTTP/HTTPS web scans and vulnerability scans to 'normal' mode
  • v8.9 - Added SolarWinds Orion Panel Default Credentials sc0pe template
  • v8.9 - Added SolarWinds Orion Panel sc0pe template
  • v8.9 - Fixed issue with theHarvester not running on Kali 2020.4
  • v8.9 - Added WPScan API support to sniper.conf
  • v8.9 - Added CVE-2020-8209 - XenMobile-Citrix Endpoint Management Config Password Disclosure sc0pe template
  • v8.9 - Added CVE-2020-8209 - XenMobile-Citrix Endpoint Management Path Traversal sc0pe template
  • v8.9 - Removed verbose error for chromium on Ubuntu
  • v8.9 - Added CVE-2020-8209 - Citrix XenMobile Server Path Traversal sc0pe template
  • v8.9 - Fixed false positive (F+) in CSP Not Enforced sc0pe template
  • v8.9 - Added CVE-2020-14815 - Oracle Business Intelligence Enterprise DOM XSS sc0pe template
  • v8.9 - Fixed issue with dnscan not working in Kali 2020.3
  • v8.9 - Fixed issue with screenshots not working in Ubuntu 2020
  • v8.9 - Added Frontpage Service Password Disclosure sc0pe template
  • v8.9 - Removed Yasuo tool

v8.8

3 years ago

CHANGELOG:

  • v8.8 - Fixed issue with webscreenshot on Kali 2020.3+
  • v8.8 - Fixed error in install.sh for theharvester symlink
  • v8.8 - Fixed issue with flyover mode not capturing web screenshots
  • v8.8 - Added automatic 'flyover' scans of all discovered domains for 'recon' mode
  • v8.8 - Added static grep searching rules for all URLs and sub-domains (see sniper.conf for details)
  • v8.8 - Added verbose status logging to flyover mode showing HTTP status/redirect/title, etc.
  • v8.8 - Added integration for Port Scanner Add-on for Sn1per Professional
  • v8.8 - Added enhanced scanning of all unique dynamic URLs via InjectX fuzzer
  • v8.8 - Added CVE-2020-25213 - WP File Manager File Upload sc0pe template
  • v8.8 - Added cPanel Login Found sc0pe template
  • v8.8 - Added Wordpress WP-File-Manager Version Detected sc0pe template
  • v8.8 - Added VMware vCenter Unauthenticated Arbitrary File Read sc0pe template
  • v8.8 - Added PHP Composer Disclosure sc0pe template
  • v8.8 - Added Git Config Disclosure sc0pe template
  • v8.8 - Added updated NMap vulscan DB files
  • v8.8 - Added CVE-2020-9047 - exacqVision Web Service Remote Code Execution sc0pe template
  • v8.8 - Removed UDP port scan settings/options and combined with full portscan ports
  • v8.8 - Added CVE-2019-8442 - Jira Webroot Directory Traversal sc0pe template
  • v8.8 - Added CVE-2020-2034 - PAN-OS GlobalProtect OS Command Injection sc0pe template
  • v8.8 - Added CVE-2020-2551 - Unauthenticated Oracle WebLogic Server Remote Code Execution sc0pe template
  • v8.8 - Added CVE-2020-14181 - User Enumeration Via Insecure Jira Endpoint sc0pe template
  • v8.8 - Added Smuggler HTTP request smuggling detection
  • v8.8 - Added CVE-2020-0618 - Remote Code Execution SQL Server Reporting Services sc0pe template
  • v8.8 - Added CVE-2020-5412 - Full-read SSRF in Spring Cloud Netflix sc0pe template
  • v8.8 - Added Jaspersoft Detected sc0pe template
  • v8.8 - Added improved dirsearch exclude options to all web file/dir searches
  • v8.8 - Fixed naming conflict for theharvester
  • v8.8 - Created backups of all NMap HTML reports for fullportonly scans
  • v8.8 - Added line limit to GAU URLs displayed in console

v8.7

3 years ago

CHANGELOG:

  • v8.7 - Updated web file bruteforce lists
  • v8.7 - Added updated Slack API integration/notifications
  • v8.7 - Added Arachni, Nikto, Nessus, NMap + 20 passive sc0pe vulnerability parsers
  • v8.7 - Added CVE-2020-15129 - Open Redirect In Traefik sc0pe template
  • v8.7 - Added MobileIron Login sc0pe template
  • v8.7 - Added Revive Adserver XSS sc0pe template
  • v8.7 - Added IceWarp Webmail XSS sc0pe template
  • v8.7 - Added Mara CMS v7.5 XSS sc0pe template
  • v8.7 - Added Administrative Privilege Escalation in SAP NetWeaver sc0pe template
  • v8.7 - Added Magento 2.3.0 SQL Injection sc0pe template
  • v8.7 - Added CVE-2020-15920 - Unauthenticated RCE at Mida eFramework sc0pe template
  • v8.7 - Added CVE-2019-7192 - QNAP Pre-Auth Root RCE sc0pe template
  • v8.7 - Added CVE-2020-10204 - Sonatype Nexus Repository RCE sc0pe template
  • v8.7 - Added CVE-2020-13167 - Netsweeper WebAdmin unixlogin.php Python Code Injection sc0pe template
  • v8.7 - Added CVE-2020-2140 - Jenkins AuditTrailPlugin XSS sc0pe template
  • v8.7 - Added CVE-2020-7209 - LinuxKI Toolset 6.01 Remote Command Execution sc0pe template
  • v8.7 - Added CVE-2019-16662 - rConfig 3.9.2 Remote Code Execution sc0pe template
  • v8.7 - Added Sitemap.xml Detected sc0pe template
  • v8.7 - Added Robots.txt Detected sc0pe template
  • v8.7 - Added AWS S3 Public Bucket Listing sc0pe template
  • v8.7 - Fixed logic error in stealth mode recon scans not running
  • v8.7 - Added CVE-2020-7048 - WP Database Reset 3.15 Unauthenticated Database Reset sc0pe template
  • v8.7 - Fixed false negative (F-) detection in WordPress sc0pe templates
  • v8.7 - Added CVE-2020-11530 - Wordpress Chop Slider 3 Plugin SQL Injection sc0pe template
  • v8.7 - Added CVE-2019-11580 - Atlassian Crowd Data Center Unauthenticated RCE sc0pe template
  • v8.7 - Added CVE-2019-16759 - vBulletin 5.x 0-Day Pre-Auth Remote Command Execution Bypass sc0pe template

v8.6

3 years ago

CHANGELOG:

  • v8.6 - Added new Sn1per configuration flow that allows persistent user configurations and API key transfer
  • v8.6 - Updated port lists to remove duplicate ports error and slim down list
  • v8.6 - Updated PHP to 7.4
  • v8.6 - Added CVE-2020-12720 - vBulletin Unauthenticated SQLi
  • v8.6 - Added CVE-2020-9757 - SEOmatic < 3.3.0 Server-Side Template Injection
  • v8.6 - Added CVE-2020-1147 - Remote Code Execution in Microsoft SharePoint Server
  • v8.6 - Added CVE-2020-3187 - Citrix Unauthenticated File Deletion
  • v8.6 - Added CVE-2020-8193 - Citrix Unauthenticated LFI
  • v8.6 - Added CVE-2020-8194 - Citrix ADC & NetScaler Gateway Reflected Code Injection
  • v8.6 - Added CVE-2020-8982 - Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read
  • v8.6 - Added CVE-2020-9484 - Apache Tomcat RCE by deserialization
  • v8.6 - Added Cisco VPN scanner template
  • v8.6 - Added Tiki Wiki CMS scanner template
  • v8.6 - Added Palo Alto PAN OS Portal scanner template
  • v8.6 - Added SAP NetWeaver AS JAVA LM Configuration Wizard Detection
  • v8.6 - Added delete task workspace function to remove running tasks
  • v8.6 - Added CVE-2020-3452 - Cisco ASA/FTD Arbitrary File Reading Vulnerability Sc0pe template
  • v8.6 - Updated theharvester command to exclude github-code search
  • v8.6 - Updated theharvester installer to v3.1
  • v8.6 - Added urlscan.io API to OSINT mode (-o)
  • v8.6 - Added OpenVAS package to install.sh
  • v8.6 - Added Palo Alto GlobalProtect PAN-OS Portal Sc0pe template
  • v8.6 - Fixed issue with Javascript downloader downloading localhost files instead of target
  • v8.6 - Added CVE-2020-5902 F5 BIG-IP RCE sc0pe template
  • v8.6 - Added CVE-2020-5902 F5 BIG-IP XSS sc0pe template
  • v8.6 - Added F5 BIG-IP detection sc0pe template
  • v8.6 - Added interesting ports sc0pe template
  • v8.6 - Added components with known vulnerabilities sc0pe template
  • v8.6 - Added server header disclosure sc0pe template
  • v8.6 - Added SMBv1 enabled sc0pe template
  • v8.6 - Removed verbose comment from stealth scan

v8.5

3 years ago

CHANGELOG:

  • v8.5 - Added manual installer for Metasploit
  • v8.5 - Added Phantomjs manual installer
  • v8.5 - Added sc0pe template to check for default credentials via BruteX
  • v8.5 - Added fullportscans to all 'web' mode scans to ensure full port coverage
  • v8.5 - Fixed issue with 2nd stage OSINT scans not running
  • v8.5 - Added port values to sc0pe engine to define port numbers
  • v8.5 - Fixed issue with LinkFinder not working
  • v8.5 - Fixed issue with Javascript link parser
  • v8.5 - Added phantomjs dependency to fix webscreenshots on Ubuntu
  • v8.5 - Added http-default-accounts NMap NSE to check for default web credentials
  • v8.5 - Fixed several issues with install.sh to resolve deps on Ubuntu and Kali 2020.2
  • v8.5 - Removed larger wordlists to reduce install size of Sn1per
  • v8.5 - Added 20+ new active/passive sc0pe templates
  • v8.5 - Fixed issue with installer on latest Kali and Docker builds
  • v8.5 - Fixed custom installer for Arachni
  • v8.5 - Fixed Dockerfile with updated Kali image (CC. @stevemcilwain)

v8.4

3 years ago

CHANGELOG:

  • v8.4 - Added project "Sc0pe" active/passive vulnerability scanner
  • v8.4 - Added 68 new active sc0pe templates
  • v8.4 - Added 14 new passive sc0pe templates
  • v8.4 - Added OWASP ZAP API integration
  • v8.4 - Added 8 new Sn1per configuration templates (see /usr/share/sniper/conf/)
  • v8.4 - Added Gau (https://github.com/lc/gau)
  • v8.4 - Added rapiddns subdomain retrieval
  • v8.4 - Updated web content wordlists
  • v8.4 - Improved efficiency of 'web' and 'recon' mode scans
  • v8.4 - Disabled legacy Metasploit web exploits (check Sn1per conf to re-enable)
  • v8.4 - Fixed issue with dirsearch asterisk being used incorrectly
  • v8.4 - Fixed issue with airstrike mode not updating Sn1per Professional v8.0 host list
  • v8.4 - Fixed issue with webtech re.error: invalid group reference 1 at position 130

v8.3

3 years ago

CHANGELOG:

  • v8.3 - Added Github subdomain retrieval (requires API key/conf options enabled)
  • v8.3 - Added NMAP_OPTIONS setting to sniper.conf to configure optional NMap scan settings
  • v8.3 - Added option to specify custom Sn1per configuration via (-c) switch
  • v8.3 - Created several custom config files to select from, including: bug_bounty_quick, bug_bounty_max_javascript, super_stealth_mode, webpwn_only + more
  • v8.3 - Added workspace --export option to backup/export a workspace
  • v8.3 - Added flyover mode tuning options to sniper.conf
  • v8.3 - Added GitGraber automated Github leak search (https://github.com/hisxo/gitGraber)
  • v8.3 - Added static JavaScript parsing for sub-domains, URLs, path-relative links and comments
  • v8.3 - Added js-beautifier
  • v8.3 - Added LinkFinder Javascript link finder (https://github.com/GerbenJavado/LinkFinder)
  • v8.3 - Added fprobe HTTP probe checker (https://github.com/theblackturtle/fprobe)
  • v8.3 - Added Cisco RV320 and RV325 Unauthenticated Remote Code Execution CVE-2019-1653 MSF exploit
  • v8.3 - Improved performance of 'stealth' and 'recon' modes
  • v8.3 - Updated default port lists
  • v8.3 - Improved performance of all port scans
  • v8.3 - Removed all pip v2 commands from installer
  • v8.3 - Added fix for missing Amass package
  • v8.3 - Added sniper.conf options for OPENVAS_HOST and OPENVAS_PORT selection for remote instances
  • v8.3 - Improved 'vulnscan' mode via OpenVAS to scan the same asset multiple times with improved error handling