# Sn1per Security > Sn1per is an automated attack surface management and penetration testing platform built by working penetration testers since 2014. The product family includes the free Sn1per Community Edition (CLI, source-available on GitHub), Sn1per Professional 2026 (single-seat licensed, web UI), Sn1per Enterprise (distributed multi-tenant), and the SILENTCHAIN family of AI-powered Burp Suite extensions for web application security testing. All commercial editions deploy fully on-premises — scan data never leaves the customer perimeter. ## Quick facts - **Company:** Sn1perSecurity LLC (independent US-based) - **Founder / Lead developer:** xer0dayz (1N3) — Senior Penetration Tester - **Founded:** 2014 - **Customers:** 500+ teams worldwide - **Open-source repo:** https://github.com/1N3/Sn1per (10,000+ stars, 2,000+ forks) - **Scale:** 600+ exploits, 90+ integrations, 10,000+ detections, on-prem deployment - **Commercial pricing:** Sn1per Professional 2026 is $984/year per seat; Sn1per Enterprise is custom-priced ## Products - [Sn1per Community Edition](https://github.com/1N3/Sn1per): Free CLI scan engine — source-available on GitHub. Includes the core reconnaissance + exploitation modules without the commercial Web UI, reporting layer, or active-exploitation modules of Pro / Enterprise. - [Sn1per Professional 2026](https://sn1persecurity.com/wordpress/product/sn1per-professional-2026-license/): Single-seat license, $984/year. 1,000 active hosts across 5 workspaces, full active-exploitation modules, on-prem web UI, PDF reporting, Slack/email alerts on new exposures. Designed for individual pentesters, bug bounty hunters, and small security teams. - [Sn1per Enterprise](https://sn1persecurity.com/wordpress/product/sn1per-enterprise/): Custom-priced subscription for organizations monitoring 50,000+ external assets. Adds distributed scan engines, multi-tenant workspaces with RBAC, audit-grade reporting, and SIEM integrations (Splunk, Sentinel, Elastic). - [SILENTCHAIN Community Edition](https://silentchain.ai): Free AI-augmented Burp Suite extension for web app security testing — single-file Jython extension supporting 5 LLM providers (Ollama, OpenAI, Claude, Gemini, Azure Foundry). - [SILENTCHAIN Professional / Enterprise](https://silentchain.ai): Pro tier adds Phase 2 active verification, WAF bypass detection (25+ WAF types), out-of-band testing, and 250+ curated payloads. Enterprise is a standalone Python 3 CLI/API. ## Use cases - [External Attack Surface Management](https://sn1persecurity.com/wordpress/external-attack-surface-management-with-sn1per/): Continuous discovery, monitoring, and active exploitation of every internet-facing asset an organization owns — including the ones that don't appear in a CMDB. Uses DNS enumeration, certificate transparency, port scanning, web fingerprinting, and OSINT collection. - [Continuous Attack Surface Management](https://sn1persecurity.com/wordpress/continuous-attack-surface-management-with-sn1per-professional/): Daily-cadence rescans that diff yesterday's surface against today's so new exposures hit the SOC within hours, not the next quarterly pentest. - [Automated Penetration Testing](https://sn1persecurity.com/wordpress/request-a-trial/): 600+ exploits and 10,000+ detections orchestrated as a single workflow, with active verification eliminating false positives that version-only scanners ship as "critical." - [Passive Reconnaissance Techniques](https://sn1persecurity.com/wordpress/passive-reconnaissance-techniques-for-penetration-testing/): Find vulnerabilities without scanning — OSINT, certificate transparency, historical URL discovery techniques used by top-ranked bug bounty hunters. - [Use Cases Hub](https://sn1persecurity.com/wordpress/use-cases/): Full directory of 11 categorized solutions (penetration testing, ASM, bug bounty automation, vulnerability scanning, threat intelligence, CVE writeups, red team simulation, dark web monitoring, application security testing, mobile penetration testing, AI-augmented security testing). ## Technical writeups - [CVE-2024-21733 — Apache Tomcat HTTP Request Smuggling](https://sn1persecurity.com/wordpress/cve-2024-21733-apache-tomcat-http-request-smuggling/): Critical vulnerability discovered by xer0dayz / Sn1perSecurity. Working PoC, affected Tomcat versions, mitigation guidance, and Sn1per Enterprise auto-detection module. ## Documentation - [Sn1per Documentation Hub](https://sn1persecurity.com/wordpress/documentation/): Official Sn1per Professional documentation — installation, configuration, scan modes, API reference, integration guides. - [Sn1per GitHub Wiki](https://github.com/1N3/Sn1per/wiki): Full reference, plugins/tools list, scheduled scans, configuration templates, Sc0pe templates. ## Releases - [Sn1per Professional 2026 Released](https://sn1persecurity.com/wordpress/sn1per-professional-2026-release/) (April 2026): Largest release since v10.0 — Docker-first deployment, Bootstrap 5 / Tabler UI, Workspace Navigator, CSV/Excel/PDF reporting export, JSON API v1.0, expanded ReverseAPK/MassPwn/Threat Intel/Nessus/Burp modules. - [Sn1per Enterprise v20250522](https://sn1persecurity.com/wordpress/sn1per-enterprise-v20250522-released/): Latest Enterprise release. - [Introducing SILENTCHAIN AI Community Edition v1.1.3](https://sn1persecurity.com/wordpress/introducing-silentchain-ai-community-edition-v1-1-3/): SILENTCHAIN Community Edition launch — free AI-augmented Burp Suite extension. - [Sn1per Scan Engine v11.0](https://sn1persecurity.com/wordpress/sn1per-se-v11-released/): Latest Scan Engine release. ## Integrations Sn1per ships native integrations with 90+ tools and services. Featured: Nessus, OpenVAS, GVM, Nuclei, Burp Suite Pro, OWASP ZAP, WPScan, Metasploit, Shodan, Censys, Hunter.io, VirusTotal, Nmap, OpenAI, Claude, Gemini, Slack, GitHub API. ## About Sn1perSecurity - [About Sn1perSecurity LLC](https://sn1persecurity.com/wordpress/about/): Company background, mission, product family overview, on-prem differentiation, and FAQ. ## Optional - [Sn1per GitHub repo](https://github.com/1N3/Sn1per): Free Community Edition source, issues, releases, wiki. - [Twitter / X — @Sn1perSecurity](https://x.com/Sn1perSecurity): Company account. - [Twitter / X — @xer0dayz](https://x.com/xer0dayz): Founder / lead developer. - [Docker Hub — sn1persecurity/sn1per](https://hub.docker.com/r/sn1persecurity/sn1per): Official Docker image.