Sn1per Scan Engine v10.6 Released!

Sn1per SE (Scan Engine) v10.6 is now available with a ton of new features and improvements. This update is part of the Sn1per SE development branch which is available to Sn1per Professional and Sn1per Enterprise customers. If you are a previous customer (ie. Sn1per Professional v9.0 or less) or if you use the Community Edition available on Github, you will need to purchase a Sn1per Professional or Sn1per Enterprise license to download and receive updates.

New Vulnerability Detections

* v10.6 – Added Nuclei -headless scan option to improve vulnerability detection
* v10.6 – Added Nuclei -dast option to scan all dynamic parameters in latest version
* v10.6 – Improved Nuclei sub-domain takeover scan templates

New Features

* v10.6 – Added SCAN_ALL_DISCOVERED_IPS config setting to automatically scan all reverse IP’s for all discovered sub-domains automatically
* v10.6 – Added USE_EXISTING_DOMAINS setting to skip discovery phase and use existing sub-domains for scan
* v10.6 – Added NUCLEI_TECH_DETECT setting to detect technology stack of target
* v10.6 – Added improved auto web port target selection (ie. sniper -t https://127.0.0.1:8443)

New Tools

* v10.6 – Added HTTPX tool to recon mode to detect all web hosts

Fixes

* v10.6 – Fixed F+ in sc0pe template for clear-text HTTP communications
* v10.6 – Fixed issue with FFuF switches in latest version
* v10.6 – Fixed GAU –subs switch in latest version
* v10.6 – Removed Nuclei fuzzing-templates repo and update script
* v10.6 – Fixed issue with HTML reports not generating

Update Instructions

To update to Sn1per v10.6, customers can run the ‘sniper -u‘ command from the command line or use the ‘Update‘ function from the Command Execution module.

New Vulnerability Detections

New Features

New Tools

Fixes

Update Instructions

Related

Get security intel delivered.