“I originally created Sn1per because I didn’t want to run 10 different security tools and remember every command switch for each pentest I was doing. I wanted to be more efficient in the enumeration phase in order to save time and focus on other more manual aspects of penetration testing,” 1N3@CrowdShield, creator of Sn1per<p>Features<p>•Automatically collects basic recon (ie. whois, ping, DNS, etc.)<p>•Automatically launches Google hacking queries against a target domain<p>•Automatically enumerates open ports<p>•Automatically brute forces sub-domains and DNS info<p>•Automatically checks for sub-domain hijacking<p>•Automatically runs targeted nmap scripts against open ports<p>•Automatically runs targeted Metasploit scan and exploit modules<p>•Automatically scans all web applications for common vulnerabilities<p>•Automatically brute forces all open services<p>•Automatically exploit remote hosts to gain remote shell access<p>•Performs high level enumeration of multiple hosts<p>•Auto-pwn added for Metasploitable, ShellShock, MS08-067, Default Tomcat Creds.