Sn1per Professional v8.0 Threat Intel Add-on Released!

XeroSecurity is proud to announce the release of our Threat Intel Add-on for Sn1per Professional v8.0! Stay up-to-date with the latest emerging security threats, vulnerabilities, data breaches and exploit releases with the new Threat Intel Add-on for Sn1per Professional v8.0!

Features

  • Quickly search for the latest CVE’s, exploits and vulnerabilities easily
  • Search local NMap scripts and Metasploit modules easily
  • Stay up-to-date on emerging threats, vulnerabilities, news and exploits with over 20+ hand picked RSS feeds
  • Perform OSINT and reconnaissance on any target IP or domain name, using built-in recon and Google dork links
  • Join the top security servers on Slack and Discord to gather and share community based intelligence

Screenshots

Threat Intel Add-on v1.0
Threat Intel Add-on v1.0
Threat Intel Add-on v1.0

Demo

Buy now!

As always, feel free to reach out to us at [email protected] with any questions!

Sn1per-professional-fuzzer-addon-banner1

Sn1per Professional v8.0 Fuzzer Add-on Released!

XeroSecurity is proud to announce the release of our Fuzzer Add-on for Sn1per Professional v8.0! This will further enhance Sn1per’s ability to automatically fuzz for OWASP TOP 10 vulnerabilities and discover hidden web content. The new add-on comes with a host of options that can be easily configured from the Sn1per web UI and launched via the Command Execution Add-on. The result is a powerful combination of dynamic scanning options combined with professional reporting to help you quickly and easily find vulnerabilities in your environment.

Features

  • Automatically fuzz dynamic URL’s for OWASP TOP 10 vulnerabilities.
  • Discover hidden content in a target environment.
  • Spider all URL’s within a target environment.
  • Single & built-in multi target selections.
  • Customized wordlist selections and options via the GUI.
  • HTML and text based reports for all tools (ie. Black Widow, InjectX, SQLMap, Arachni, FFuf, Dirsearch, Gobuster)
  • Reporting of all output via the Command Execution Add-on.

Screenshots

Sn1per-Professional-fuzzer-addon7
Sn1per Professional Fuzzer Add-on GUI
Sn1per-Professional-fuzzer-addon12
Sn1per Professional Fuzzer Add-on HTML Reports
Sn1per Professional Fuzzer Add-on InjectX Fuzzer
Sn1per Professional Fuzzer Add-on Gobuster Hidden Web Content

Demo

Sn1per Professional Fuzzer Add-on Demo

Buy now!

As always, feel free to reach out to us at [email protected] with any questions!

Sn1per Professional v7.0 Demo

Aftermath2020 #002 with @xer0dayz – Live Bug Bounty Recon with Sn1per Professional

https://youtu.be/qYnfzIhTd10

Highlights:

0:00 – Basic stealth mode single domain recon with Sn1per Professional v8.0
5:00 – Leveraging built-in Sn1per Professional recon links to passively gather #OSINT
6:15 – Using InjectX fuzzer to fuzz dynamic URL’s (unreleased)
8:04 – Levaging Sn1per Professional’s Fuzzer Add-on to brute force files/directories (unreleased)
9:00 – More stealth mode single target recon with split panel/search/host jump features
11:20 – Manual scan analysis of discovered URL’s
16:20 – Levaging Sn1per Professional’s Fuzzer Add-on to brute force files/directories (unreleased)
17:35 – Use of Sn1per Professional’s host table filter
17:45 – Use of Sn1per Professional’s quick links to view websites in browser
18:52 – Use of Sn1per Professional’s built-in Google Dorks links to discover hidden content
19:20 – Levaging Sn1per Professional’s Fuzzer Add-on to brute force files/directories (unreleased)
22:22 – Using Burpsuite Professional JSLinkFinder plugin to analyze Javascript files
24:20 – Leveraging built-in Sn1per Professional recon links to passively gather #OSINT
25:54 – Discovering hidden/cached content via URLScan.io
29:55 – Use of Sn1per Professional’s built-in Notepad add-on to keep notes on workspace
30:37 – Use of Fofa to conduct recon on target domain
35:31 – Levaging Sn1per Professional’s Fuzzer Add-on to brute force files/directories with extensions (unreleased)
36:26 – Using Google dorks to discover content and URL’s
43:17 – Manual Javascript analysis from the command line
44:42 – Discovering pre-production and internal domains in Javascript files
53:18 – Digging deeper into hidden/discovered content on a target
57:14 – Discovering PayPal github repos in Javascript source
57:42 – Conducting basic github recon on PayPal developers for sensitive data

 

Recent Comments