Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
51f7556a44 | ||
|
|
799ead64bb | ||
|
|
50e53b5f1e | ||
|
|
b13866c802 | ||
|
|
79b8e64c89 | ||
|
|
861c603c71 | ||
|
|
a4e8ef3983 | ||
|
|
1e68971255 | ||
|
|
3f556f2561 |
@@ -1,4 +1,6 @@
|
||||
## CHANGELOG:
|
||||
* v4.1 - Fixed a few bugs with various command line switches for airstrike and nuke modes.
|
||||
* v4.1 - Fixed issue with path relative file inclusion via the -f flag. You can now include just the local filename (sniper -f targets.txt).
|
||||
* v4.0 - Added new command switch options for all sniper scans (see --help for details)
|
||||
* v4.0 - Added HTML formatted report for all workspaces to display screenshots, headers, reports and open ports
|
||||
* v4.0 - Added optional scan options such as --recon, --osint, --fullportonly --bruteforce, etc. to selectively enable scan modules. (see --help for details)
|
||||
|
||||
BIN
Sn1per-logo.jpg
BIN
Sn1per-logo.jpg
Binary file not shown.
|
Before Width: | Height: | Size: 38 KiB |
11
TODO.md
11
TODO.md
@@ -1,19 +1,8 @@
|
||||
###TODO:
|
||||
|
||||
* Implement a module system for running specific commands/modules
|
||||
* Add checks to make sure all commands exist at startup. If not, refer to installer.
|
||||
* Add command line parsing of options/modes
|
||||
|
||||
sniper --target crowdshield.com --workspace crowdshield.com --report --bruteforce --web --recon --portscan
|
||||
sniper --target crowdshield.com --kalionly --offline --webportonly 443
|
||||
|
||||
* Create a sniper-kali release to only use base Kali image toolsets
|
||||
* Check if there's an active internet connection, if not, run offline mode
|
||||
* Add automatic reporting and workspace creation for all scans by default
|
||||
* Add proxy support for all scans
|
||||
* Create uninstall.sh script
|
||||
* Add AWS security checks
|
||||
* Look into adding aquatone
|
||||
* Look into adding gobuster
|
||||
* Update subdomain list with aquatone list
|
||||
* Increase thread count for file/dir brute force
|
||||
4
install.sh
Normal file → Executable file
4
install.sh
Normal file → Executable file
@@ -37,12 +37,8 @@ cp -Rf $PWD/* $INSTALL_DIR 2> /dev/null
|
||||
cd $INSTALL_DIR
|
||||
|
||||
echo -e "$OKORANGE + -- --=[Installing package dependencies...$RESET"
|
||||
<<<<<<< HEAD
|
||||
apt-get install eyewitness nodejs wafw00f xdg-utils metagoofil clusterd ruby rubygems python dos2unix zenmap sslyze arachni aha libxml2-utils rpcbind uniscan xprobe2 cutycapt unicornscan host whois dirb dnsrecon curl nmap php php-curl hydra iceweasel wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap
|
||||
apt-get install waffit 2> /dev/null
|
||||
=======
|
||||
apt-get install xdg-utils metagoofil clusterd ruby rubygems python dos2unix zenmap sslyze arachni aha libxml2-utils rpcbind uniscan xprobe2 cutycapt unicornscan host whois dirb dnsrecon curl nmap php php-curl hydra iceweasel wpscan sqlmap nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb sslscan amap nfs-common wafw00f
|
||||
>>>>>>> f450b78b5f346ea41df0cf44a70092a0d6fc9050
|
||||
pip install dnspython colorama tldextract urllib3 ipaddress requests
|
||||
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | bash
|
||||
|
||||
|
||||
BIN
sn1per-logo.png
BIN
sn1per-logo.png
Binary file not shown.
|
Before Width: | Height: | Size: 589 KiB |
60
sniper
60
sniper
@@ -3,7 +3,7 @@
|
||||
# + -- --=[http://crowdshield.com
|
||||
#
|
||||
|
||||
VER="4.0"
|
||||
VER="4.1"
|
||||
BROWSER="firefox" # SET DEFAULT BROWSER
|
||||
INSTALL_DIR="/usr/share/sniper"
|
||||
PLUGINS_DIR="/usr/share/sniper/plugins"
|
||||
@@ -217,7 +217,11 @@ case $key in
|
||||
shift # past argument
|
||||
;;
|
||||
-nl|--noloot)
|
||||
<<<<<<< HEAD
|
||||
LOOT="0"
|
||||
=======
|
||||
NOLOOT="1"
|
||||
>>>>>>> b13866c8026af59a392a05f3b2254c4a1f049c81
|
||||
shift # past argument
|
||||
;;
|
||||
-w|--workspace)
|
||||
@@ -234,7 +238,7 @@ case $key in
|
||||
;;
|
||||
*) # unknown option
|
||||
POSITIONAL+=("$1") # save it in an array for later
|
||||
echo "Unknown scan option...refer to the help menu for usage details."
|
||||
echo "Unknown scan option $POSITIONAL...refer to the help menu for usage details."
|
||||
exit
|
||||
shift # past argument
|
||||
;;
|
||||
@@ -310,14 +314,14 @@ function loot {
|
||||
echo -e "$OKORANGE + -- --=[Generating HTML Report...$RESET"
|
||||
echo "<html><head><style>table, th, td { border: 1px solid black; max-width: 1000px; align: center; } pre { white-space: pre-wrap; /* Since CSS 2.1 */ white-space: -moz-pre-wrap; /* Mozilla, since 1999 */ white-space: -pre-wrap; /* Opera 4-6 */ white-space: -o-pre-wrap; /* Opera 7 */ word-wrap: break-word; /* Internet Explorer 5.5+ */ }</style></head>
|
||||
<body><center><img src="$INSTALL_DIR/sn1per-logo.png"></img><br>--= [ by 1N3@CrowdShield - <a href="https://crowdshield.com" target="_new">https://crowdshield.com</a> ] =--<p></p>
|
||||
<a href="$LOOT_DIR/aquatone" target="_new">aquatone</a>
|
||||
<a href="$LOOT_DIR/burpsuite" target="_new">burpsuite</a>
|
||||
<a href="$LOOT_DIR/domains" target="_new">domains</a>
|
||||
<a href="$LOOT_DIR/nmap" target="_new">nmap</a>
|
||||
<a href="$LOOT_DIR/notes" target="_new">notes</a>
|
||||
<a href="$LOOT_DIR/output" target="_new">output</a>
|
||||
<a href="$LOOT_DIR/reports" target="_new">reports</a>
|
||||
<a href="$LOOT_DIR/screenshots" target="_new">screenshots</a>
|
||||
<a href="$LOOT_DIR/aquatone" target="_new">aquatone</a>
|
||||
<a href="$LOOT_DIR/burpsuite" target="_new">burpsuite</a>
|
||||
<a href="$LOOT_DIR/domains" target="_new">domains</a>
|
||||
<a href="$LOOT_DIR/nmap" target="_new">nmap</a>
|
||||
<a href="$LOOT_DIR/notes" target="_new">notes</a>
|
||||
<a href="$LOOT_DIR/output" target="_new">output</a>
|
||||
<a href="$LOOT_DIR/reports" target="_new">reports</a>
|
||||
<a href="$LOOT_DIR/screenshots" target="_new">screenshots</a>
|
||||
<a href="$LOOT_DIR/web" target="_new">web</a> <p></p>
|
||||
<h3>Last Report</h3>
|
||||
<iframe/src=\"`ls -lhtr $LOOT_DIR/reports/*.html | tail -n 1 | awk '{print $9}'`\" width=\"1500\" height=\"1000\"></iframe><p></p>
|
||||
@@ -329,8 +333,8 @@ function loot {
|
||||
</center>
|
||||
<table align=\"center\">" > $LOOT_DIR/sniper-report.html
|
||||
|
||||
for a in `ls $LOOT_DIR/screenshots/`; do
|
||||
TARGET=`echo $a | cut -d- -f1`
|
||||
for a in `ls $LOOT_DIR/screenshots/`; do
|
||||
TARGET=`echo $a | cut -d- -f1`
|
||||
echo "<tr><td width=\"500\"><br><h2 align=\"center\">$a</h2><br><a href=\"$LOOT_DIR/screenshots/$a\" target=\"_new\"><img src=\"$LOOT_DIR/screenshots/$a\" align=\"center\" height=\"425\" width=\"500\"></img></a></td>" >> $LOOT_DIR/sniper-report.html
|
||||
echo "<td width=\"1000\"><pre>" >> $LOOT_DIR/sniper-report.html
|
||||
cat $LOOT_DIR/web/headers-http*-$TARGET.txt >> $LOOT_DIR/sniper-report.html
|
||||
@@ -506,7 +510,7 @@ if [ "$MODE" = "webporthttp" ]; then
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
echo -e "$OKBLUE+ -- --=[Checking if X-Content options are enabled on $TARGET...$RESET $OKORANGE"
|
||||
curl -s --insecure -I http://$TARGET:$PORT | egrep -i 'X-Content' | tail -n 10
|
||||
echo ""
|
||||
@@ -731,7 +735,7 @@ if [ "$MODE" = "webporthttps" ]; then
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
echo -e "$OKBLUE+ -- --=[Checking if X-Content options are enabled on $TARGET...$RESET $OKORANGE"
|
||||
curl -s --insecure -I https://$TARGET:$PORT | egrep -i 'X-Content' | tail -n 10
|
||||
echo ""
|
||||
@@ -896,9 +900,6 @@ if [ "$MODE" = "stealth" ]; then
|
||||
if [ "$RECON" = "1" ]; then
|
||||
args="$args -re"
|
||||
fi
|
||||
if [ "$LOOT" = "1" ]; then
|
||||
args="$args -l"
|
||||
fi
|
||||
if [ ! -z "$WORKSPACE" ]; then
|
||||
args="$args -w $WORKSPACE"
|
||||
LOOT_DIR=$INSTALL_DIR/loot/workspace/$WORKSPACE
|
||||
@@ -1064,7 +1065,7 @@ if [ "$MODE" = "stealth" ]; then
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS AND METHODS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
xsstracer $TARGET 80
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED SAVING SCREENSHOTS $RESET"
|
||||
@@ -1092,7 +1093,7 @@ if [ "$MODE" = "stealth" ]; then
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS AND METHODS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
xsstracer $TARGET 443
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED GATHERING SSL/TLS INFO $RESET"
|
||||
@@ -1156,9 +1157,6 @@ if [ "$MODE" = "airstrike" ]; then
|
||||
if [ "$RECON" = "1" ]; then
|
||||
args="$args -re -m stealth"
|
||||
fi
|
||||
if [ "$LOOT" = "1" ]; then
|
||||
args="$args -l"
|
||||
fi
|
||||
if [ ! -z "$WORKSPACE" ]; then
|
||||
args="$args -w $WORKSPACE"
|
||||
WORKSPACE_DIR=$INSTALL_DIR/loot/workspace/$WORKSPACE
|
||||
@@ -1261,7 +1259,7 @@ if [ "$MODE" = "nuke" ]; then
|
||||
exit
|
||||
fi
|
||||
if [ "$REPORT" = "1" ]; then
|
||||
args="$args --noreport -m nuke -fp -b -o -r -re -l"
|
||||
args="$args --noreport -m nuke -fp -b -o -re"
|
||||
if [ ! -z "$WORKSPACE" ]; then
|
||||
args="$args -w $WORKSPACE"
|
||||
LOOT_DIR=$INSTALL_DIR/loot/workspace/$WORKSPACE
|
||||
@@ -1275,7 +1273,7 @@ if [ "$MODE" = "nuke" ]; then
|
||||
mkdir $LOOT_DIR/reports 2> /dev/null
|
||||
mkdir $LOOT_DIR/output 2> /dev/null
|
||||
fi
|
||||
sniper -f $(realpath $TARGET) $args | tee $LOOT_DIR/output/sniper-$(basename $TARGET)-$MODE-`date +%Y%m%d%H%M`.txt 2>&1
|
||||
sniper -f $(realpath $FILE) $args | tee $LOOT_DIR/output/sniper-$MODE-`date +%Y%m%d%H%M`.txt 2>&1
|
||||
exit
|
||||
fi
|
||||
for a in `cat $(realpath $FILE)`; do
|
||||
@@ -1337,9 +1335,6 @@ if [ "$REPORT" = "1" ]; then
|
||||
if [ ! -z "$WORKSPACE" ]; then
|
||||
args="$args -w $WORKSPACE"
|
||||
fi
|
||||
if [ "$LOOT" = "1" ]; then
|
||||
args="$args -l"
|
||||
fi
|
||||
args="$args --noreport"
|
||||
sniper $args | tee $LOOT_DIR/output/sniper-$TARGET-`date +%Y%m%d%H%M`.txt 2>&1
|
||||
exit
|
||||
@@ -1456,9 +1451,9 @@ fi
|
||||
echo -e "$OKRED RUNNING UDP PORT SCAN $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
if [ -z "$PORT" ]; then
|
||||
nmap -sU -T5 --open -Pn -p $DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-udp-$TARGET.xml
|
||||
nmap -sU -T5 --open -Pn -p $DEFAULT_UDP_PORTS $TARGET -oX $LOOT_DIR/nmap/nmap-udp-$TARGET.xml
|
||||
else
|
||||
nmap -sU -T5 --open -Pn -p $PORT $TARGET -oX $LOOT_DIR/nmap/nmap-udp-$TARGET.xml
|
||||
nmap -sU -T5 --open -Pn -p $PORT $TARGET -oX $LOOT_DIR/nmap/nmap-udp-$TARGET.xml
|
||||
fi
|
||||
|
||||
echo ""
|
||||
@@ -1626,7 +1621,7 @@ else
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R http://$TARGET >> $LOOT_DIR/web/headers-http-$TARGET.txt
|
||||
echo -e "$OKBLUE+ -- --=[Checking if X-Content options are enabled on $TARGET...$RESET $OKORANGE"
|
||||
curl -s --insecure -I http://$TARGET | egrep -i 'X-Content' | tail -n 10
|
||||
echo ""
|
||||
@@ -1868,7 +1863,7 @@ else
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
echo -e "$OKRED CHECKING HTTP HEADERS $RESET"
|
||||
echo -e "${OKGREEN}====================================================================================${RESET}"
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
curl --connect-timeout 1 -I -s -R https://$TARGET >> $LOOT_DIR/web/headers-https-$TARGET.txt
|
||||
echo -e "$OKBLUE+ -- --=[Checking if X-Content options are enabled on $TARGET...$RESET $OKORANGE"
|
||||
curl -s --insecure -I https://$TARGET | egrep -i 'X-Content' | tail -n 10
|
||||
echo ""
|
||||
@@ -2498,4 +2493,5 @@ if [ "$LOOT" = "1" ] && [ -z "$NOLOOT" ]; then
|
||||
loot
|
||||
fi
|
||||
|
||||
exit 0
|
||||
exit 0
|
||||
|
||||
|
||||
0
uninstall.sh
Normal file → Executable file
0
uninstall.sh
Normal file → Executable file
Reference in New Issue
Block a user