Sn1per SE v10.2 Update

Sn1per Scan Engine v10.2 Released!

Sn1per SE (Scan Engine) v10.2 is now available with a ton of new features and improvements. This update is part of the Sn1per SE development branch which is available to Sn1per Professional v10.0 and Sn1per Enterprise customers. If you are a previous customer (ie. Sn1per Professional v9.0 or less) or if you use the Community Edition available on Github, you will need to purchase a Sn1per Professional v10.0 license to download and receive updates.

(more…)

Sn1per Professional v9.1 Update

Sn1per Professional v9.2 SE Update Released!

Sn1per Professional v9.2 Scan Engine (SE) update is now available for Sn1per Professional v9.0 customers with a ton of new features and improvements! This update is part of the new private development branch (Sn1per Professional SE) which is exclusively available only to Sn1per Professional v9.0 customers. If you are a previous customer (ie. Sn1per Professional v8.0 or less) or if you use the Community Edition available on Github, you will need to purchase a Sn1per Professional v9.0 license to download and receive scan engine updates.

(more…)

Passive Attack Surface Reconnaissance

Passive Reconnaissance Techniques For Penetration Testing

As a top ranked bug bounty researcher and Sr. Penetration Tester, I’ve discovered some critical vulnerabilities without ever directly accessing or scanning the target in question. These vulnerabilities are typically found by querying 3rd party services to discover cached and historic URL’s from a target and searching interesting URL’s. In some cases, this has lead me to discover critical “0day” vulnerabilities in commercial security products, Corporate owned websites and online services. In this blog post, I’ll discuss the methodology and step-by-step process used to find these vulnerabilities and how we can leverage tools like Sn1per Professional to assist us.

(more…)

Sn1per Professional v9.1 Update

Sn1per Professional v9.1 SE Update Released!

Sn1per Professional v9.1 Scan Engine (SE) update is now available for Sn1per Professional v9.0 customers with a ton of new features and improvements! This update will start the beginning of a new private development branch (Sn1per Professional SE) which will be exclusively available only to Sn1per Professional v9.0 customers. If you are a previous customer (ie. Sn1per Professional v8.0 or less) or if you use the Community Edition available on Github, you will need to purchase a Sn1per Professional v9.0 license to download and receive future scan engine updates and technical support.

(more…)

Sn1per Professional Continuous Attack Surface Testing

Attack Surface Management With Sn1per Professional

External Attack Surface Management (EASM) has become a crucial function for every organization to gain visibility of their perimeter security. Having the right tools and processes in place is vital to detecting new vulnerabilities before attackers do. In this blog post, we will outline the basic steps for discovering the attack surface with Sn1per Professional.

(more…)