Sn1per Enterprise v20230516 Released!

Sn1per Enterprise v20230516 has been released for Sn1per Enterprise customers, introducing several new features and enhancements. In this blog post, we will delve into the details of these additions. If you’re not a Sn1per Enterprise customer yet, now is the perfect time as we have reduced the starting price of our Enterprise plan by 40%. We also removed the limitations for “Max targets per workspace” and “Max workspaces” to give customers more flexibility over their asset allocation. Based on these changes, this is the best deal we’ve ever had for our Enterprise product. To learn more or request a quote, please visit our shop.

Introduction of HTTP Status Indicators

To begin with, we have implemented HTTP status indicators for all web hosts. These indicators provide information about the number of endpoints discovered through active and passive spidering, as well as brute forcing for hidden files and directories. The black bubble indicator represents the total number of discovered endpoints, while the green bubble indicator represents endpoints with a “200” status code. Red indicates status codes with “401/403 Access Denied,” and orange indicates redirect status codes (e.g., 301/302). Blue indicates status codes with 50x indicating an error.

Introducing the New URLs Viewer

We are also introducing a new URLs tab in all host reports. This tab provides a visual interface to explore, sort, and export all discovered endpoints, which align with the previously mentioned HTTP status codes. Additionally, we have added quick point-and-click “Fuzz” actions to automatically test specific endpoints with various tools. These actions help detect OWASP Top 10 vulnerabilities like SQL injection or Cross-Site Scripting (XSS), uncover hidden content, and check for 403 bypasses on the specific endpoint selected.

Enhanced Visual Configuration Editor

We are excited to present the new visual configuration editor shown below. This feature enables customers to easily view and customize their scan policies using our visual editor. The drop-down menus conveniently load all wordlists from the /sniper/wordlists/ directory, allowing for effortless selection of wordlists and options to experiment with different combinations.

Improved Credentials Viewer

Our credentials viewer has been enhanced to display both valid credentials discovered through HudsonRock‘s FREE API tier and Enum4Linux, giving customers a greater range of credential discovery and detail.

Changelog

• Added visual configuration editor/viewer
• Added HTTP status indicators to “Web Hosts” lists
• Added URLs exportable/sortable chart view to host reports
• Added fuzz options to all URLs in URLs chart to quickly run various tools and fuzz for OWASP Top 10 vulnerabilities
• Task Viewer now includes selected configuration file for each scan and target
• Added vulnerability listing to workspace report
• Added HudsonRock and Enum4Linux details to Credentials view
• Added “Re-scan” function/link to Scheduled Tasks view to re-run scheduled tasks on demand
• Added ReverseAPK add-on

To learn more about Sn1per Enterprise and its latest features, please don’t hesitate to contact us for further information. You can also request a quote or explore additional details by visiting our online shop.