Attack Surface Management Solutions | Sn1perSecurity LLC
Information regarding a critical 0-day vulnerability affecting VMware Workspace ONE Access and Identity Manager was disclosed and designated CVE-2022-22954. It allows an unauthenticated attacker to execute arbitrary code on vulnerable servers. On April 14th, CISA & US-CERT added CVE-2022-22954 to their catalog of known exploited vulnerabilities after a number of Proof-of-Concept (PoC) exploits were published online and active exploitation was observed. Given the impact and severity of the vulnerability, Sn1perSecurity has released an out-of-band update to help detect vulnerable servers in your environment using Sn1per Professional.
Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes
On March 30, 2022, information regarding a critical 0-day vulnerability affecting the Spring Framework was disclosed and dubbed “Spring4Shell” (CVE-2022-22965). It allows an unauthenticated attacker to execute arbitrary code on vulnerable servers. Given the impact and severity of the vulnerability, Sn1perSecurity has released an out-of-band update to help detect vulnerable and compromised servers in your environment using Sn1per Professional. This update also includes improved detection for Apache Tomcat, which is required in order to exploit this vulnerability.
Severity: CRITICAL | Exploit Available: Yes | Exploitability: Easy | Remotely Exploitable: Yes
After months of hard work and development, we are pleased to announce the release of Sn1per Professional v10.0. This is a major release with many fixes, improvements and new features to help customers get the most value from Sn1per. Starting with v10.0, customers will have 3 new pricing plans to choose from, which will more closely align with their needs while remaining competitive in the market. In this post, we will go into detail on all of these changes and more.
We recently received some questions regarding the differences between Sn1per “Community” and “Professional”, so we thought we would cover this in a detailed post. Whether you’re an independent security researcher or a multi-billion-dollar company looking to purchase Sn1per Professional, we hope this blog post will guide you to the best decision based on your needs and budget. There are many advantages to using our “Professional” version over our “Community” edition, but this blog post will cover the most significant items.