Sn1per Professional Documentation
The official Sn1per Professional attack surface management platform manual.
1) What is Sn1per?
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is XeroSecurity’s premium reporting add-on for professional penetration testers, bug bounty researchers and Corporate security teams to manage large environments and pentest scopes.
2) I have Sn1per Professional installed. Can I still apply updates from Sn1per Community Edition on GitHub?
Yes, updating Sn1per Community Edition will not effect your Sn1per Professional installation in any way. You can still get all the benefits of the Community Edition with your Professional installation.
3) I received an error XYZ in the Sn1per Community Edition script. Should I contact [email protected] with the error message?
Premium support via [email protected] is only offered to Sn1per Professional licenses and for the pro.sh script (Professional portion) only. For all other Sn1per related issues, please submit an issue ticket at https://github.com/1N3/Sn1per/.
4) Can I run Sn1per on other operating systems other than Kali Linux or Debian?
Sn1per was designed to run on the latest Kali Linux image, and because of its dependencies we only provide support for installations under these operating systems. For all other operating systems, we require Sn1per to be installed via Docker.
5) How does the Professional version differ from the Community version?
The short answer… the Professional version requires a paid license that provides you with a professional reporting interface generated from each scan (and top notch customer support). For the long answer, we encourage you to click around the site and learn more about Sn1per Professional.
6) Help! My scanner appears to be stuck when running a scan.
If you are certain your scanner is stuck (keep in mind some scans can take longer than others), it can often mean you are being blocked by the target. In either case, you should be able to bypass this by typing “killall nmap”. Another alternative is in a separate terminal, run sniper –status to get the PIDs of any running sniper processes. Run kill-9 <PID> to kill off the problematic process to allow the scan to continue.
7) When will the next version of Sn1per Professional be released?
We don’t publish a schedule, but if you want to be the first to know make sure you sign up for our newsletter or follow us on Twitter.
8) How is the price of Sn1per Professional determined?
Prices reflect the value the product gives you (such as more features and functionality). Each product is priced per license. If you need more than one user you would need to adjust your cart quantity accordingly.
9) How many people can use Sn1per Professional?
Our licenses are single user, that means it is just for you – one person. If you need to purchase one for you and your friend, you will need to purchase multiple single user licenses.
10) Can I install Sn1per Professional on multiple computers using the same license?
While Sn1per Professional is a single user license, we do limit the number of systems you may install it on to 5 systems per license.
11) How long do you support previous versions of Sn1per Professional?
We maintain usability in previous versions as long as possible and guarantee a minimum functionality for up to 6 months from the purchase date.
Note: Customer service/troubleshooting on our products are only supported for 30 days for Sn1per Professional and 6 months for Sn1per Enterprise customers.
12) What is the difference between Sn1per Community and Sn1per Professional?
There are two components to Sn1per:
- Sn1per Community Edition which is found on GitHub and makes up the scan engine/terminal application of Sn1per.
- Sn1per Professional is comprised of the web UI/reporting front end to Sn1per and works in conjuction to the scan engine found in the Community Edition.
These two components are independent of each other and function together to provide additional functionality and value as seen below. The versions of both components do not necessarily always match or need to in order to function.
For all issues related to the Community Edition (scan engine), we ask that users open a new GitHub issue here (https://github.com/1N3/Sn1per) for assistance. Premium support at [email protected] is only provided for the web reporting interface (Sn1per Professional).
1) I sent my Paypal/credit card payment, but haven’t received a download link yet. What should I do?
A download link will be provided within 24-48 hours upon receipt of payment. If you still have not received a download link after 48 hours, please contact [email protected]
2) Is there a monthly fee to use Sn1per Professional?
There are no monthly fees to use Sn1per Professional. Once you buy a Sn1per Professional license, your license will remain forever for the version purchased (ie. v8.0); however we can only guarantee functionality for up to 6 months from the purchase date.
3) How do I upgrade/get new features of a Sn1per Professional version? Is there a discount to upgrade from an older version?
You will need to purchase the new version of Sn1per Professional when it is released. Currently there is no discount for upgrading from an older version.
4) Do you offer product promotions?
The best way to keep up to date on promotions, updates, new product offerings, etc. is to join our mailing list. You will be the first one to know!
5) Do you accept payment in Bitcoin (BTC) or other cryptocurrencies?
Unfortunately we do not accept payments via BTC or cryptocurrencies at this time.
6) Do you offer refunds?
Due to the nature of software we cannot provide refunds on digital products.
7) Do you offer free trials or demo’s for Sn1per Professional?
We don’t currently offer demos for Sn1per Professional. However, we have created several demo videos of Sn1per Professional here https://www.youtube.com/watch?v=K-8QHDafhcA&list=PL40Vp978dDP9KX2V3VLnNzgJuf4nJrRo9&index=2&t=0s which give a good overview of the product and features.
8) Where can I buy Sn1per Professional?
The only official method to purchase Sn1per Professional is from our online shop. We do not authorize 3rd party resellers to sell our products on their website or any other medium.
Sn1per Professional requires the following to run correctly:
- A Kali Linux operating system (ie. Kali 2021.x), Ubuntu 2020.4, or the official Sn1per Docker image (https://hub.docker.com/r/xerosecurity/sn1per).
Note: Only the specified Kali Linux, Ubuntu and Docker installations are supported under our customer service agreement.
- “root” user access to the host OS & sudo access to Apache.
- Recommended resolution: 1920 x 1080 or larger
- Firefox/Edge/IE web browser (Chrome brower is not currently supported).
- The latest Sn1per Community Edition from https://github.com/1N3/Sn1per installed to /usr/share/sniper/
- An active internet connection.
Install Using Docker
To install Sn1per Professional using Docker, run the following commands from a docker terminal:
docker pull xerosecurity/sn1per docker run -p 1337:1337 -it xerosecurity/sn1per /bin/bash
This will give you a root prompt within the container.
From here, run the activation.sh script/command you received with your order to install Sn1per Professional.
curl https://xerosecurity.com/pro/9.0/<YOUR_LICENSE_KEY_HERE>/activation.sh | sudo bash
After, you can access the web UI by going to https://<DOCKER_IP_HERE>:1337
Install Using Kali Linux or Ubuntu
To install Sn1per Professional on Kali Linux or Ubuntu, run the following command as ‘root’ from a terminal and follow the instructions.
curl https://xerosecurity.com/pro/9.0/<YOUR_LICENSE_KEY_HERE>/activation.sh | sudo bash
NOTE: You will need to replace the LICENSE_KEY portion with the license key you received via email after purchasing Sn1per.
Install Using DigitalOcean VPS
To install Sn1per Professional using a DigitalOcean VPS, create a new Droplet, select the “Docker on Ubuntu 2020.4” image from the Market Place section and run the following commands:
docker pull xerosecurity/sn1per docker run -p 1337:1337 -it xerosecurity/sn1per /bin/bash curl https://xerosecurity.com/pro/9.0/<YOUR_LICENSE_KEY_HERE>/activation.sh | sudo bash
Setting A Password
The activation script will prompt you to enter a password for the ‘admin’ user. It is recommended to select a complex password since the web service will be exposed publicly.
After the password is set, open a new web browser and go to https://127.0.0.1:1337 or https://your.ip.address.here:1337 and login with the username ‘admin’ and the password you setup when installing Sn1per.
If you forget your password or simply want to change or reset the ‘admin’ user password, run the following command:
htdigest -c /etc/htdigest/.htdigest restricted admin
- Command Line Usage
- Plugins & Tools
- Scheduled scans
- Sn1per Configuration Option
- Sn1per Configuration Templates
- Sc0pe Templates
- Workspace Navigator
- Workspace Report
- Host Table
- Host Lists
- Scan Tags
- Notifications Panel
- Credentials Panel
- Scheduled Scans Panel
- OSINT Panel
- Slideshow Panel
- Vulnerability Report Viewer
- Configuration Editor
- Host Report
- Recon Links
- Google Dorks
- HTML Scan Reports
- NMAP HTML Report
- Github API integration
- Burpsuite Professional 2.x integration
- OWASP ZAP integration
- Shodan API integration
- Censys API integration
- Hunter.io API integration
- Metasploit integration
- Nessus integration
- OpenVAS API integration
- Slack API integration
- WPScan API integration
For add-on specific documentation and installation guides, use the following links:
- Command Execution Add-on
- Brute Force Add-on
- Fuzzer Add-on
- Threat Intel Add-on
- Nessus Add-on
- MassPwn Add-on