Sn1per Recommended Hacking Tutorial
SaintDruG, the guy narrating the video is a friend of ours (when I say “ours” I mean my brother and I).
When we first launched this site (same domain “concise-courses.com”) it was one of the first resources for Hacking Courses – waaay before sites like Cybrary and Udemy were around.
SaintDrug is a highly talented hacker and penetration tester with a ton of experience to share and in this video he shares some of the best feature of Sn1per, which coincidentally is a favorite of mine.
Also! If you’re interested: I interviewed the lead developer of Sn1per, check it out!
Sn1per: An Overview
Sniper is basically a multi-tasked hacking tool. Its primary focus is as a reconnaissance tool and it excels at being able to effectively gather recon intel and then you can perform certain attacks.
This tool does also allows automated attacks. You also have the ability to choose whether you want to be passive or offensive with your attacking.
Of interest the tool works with Metasploit and Nmap. One of the things I like is that you can combine it with tools like WPScan and Arachni.
From Version 7 Sn1per has had impressive reporting which if you’re a Penetration Tester will help you prepare your reports.
To start Sn1per use this command:
sniper -t 18.104.22.168
There are different ways to run it so you should take a look at the -help options and get it just the way you want it. When it first loads there are configurations files that fire-up automation hosts such as port-pinging (using Nmap). This is a great feature (that it startsup without too much tweaking) because it works in real-time, meaning that a competent hacker will be able to perform hacks in a “live mode”.
The ports that are pre-configured (via extension .nse) are the ones that you’d expect to see when seeking open ports for offensive scans.
The cool thing is that when you see the scans take place you can see take a note and tweak your findings.
Sn1per works great for this resource for Web Application Scanning and CMS securing.
At the end of the scan you can have the results egressed via an XML file which you can then load in Metasploit.
The options to hack with Sn1per are endless and it is absolutely a fantastic tool to get to know and work with – highly recommended.