7 jun. 2017

Penetration Test con Sn1per

Sn1per es un scanner automatizado para realizar Penetration Test y sobre todo las tareas de enumeración y análisis de vulnerabilidades.
git clone https://github.com/1N3/Sn1per.git 
sniper blabla.com
Las herramientas incluidas en Sn1per son las siguientes:
  • Collects basic recon (ie. whois, ping, DNS, etc.)
  • Launches Google hacking queries against a target domain
  • Enumerates open ports via NMap port scanning
  • Brute forces sub-domains, gathers DNS info and checks for zone transfers
  • Checks for sub-domain hijacking
  • Runs targeted NMap scripts against open ports
  • Runs targeted Metasploit scan and exploit modules
  • Scans all web applications for common vulnerabilities
  • Brute forces ALL open services
  • Test for anonymous FTP access
  • Runs WPScan, Arachni and Nikto for all web services
  • Enumerates NFS shares
  • Test for anonymous LDAP access
  • Enumerate SSL/TLS ciphers, protocols and vulnerabilities
  • Enumerate SNMP community strings, services and users
  • List SMB users and shares, check for NULL sessions and exploit MS08-067
  • Exploit vulnerable JBoss, Java RMI and Tomcat servers
  • Tests for open X11 servers
  • Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds
  • Performs high level enumeration of multiple hosts and subnets
  • Integrates with Metasploit Pro, MSFConsole and Zenmap for reporting
  • Gathers screenshots of all web sites
  • Create individual workspaces to store all scan output

Suscríbete a nuestro Boletín

0 comentarios:

Publicar un comentario

Gracias por dejar un comentario en Segu-Info.

Gracias por comentar!