{"id":63081,"date":"2026-04-25T09:50:16","date_gmt":"2026-04-25T16:50:16","guid":{"rendered":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/configuration\/"},"modified":"2026-04-25T09:50:16","modified_gmt":"2026-04-25T16:50:16","slug":"configuration","status":"publish","type":"page","link":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/configuration\/","title":{"rendered":"Configuration"},"content":{"rendered":"<div class=\"sn-breadcrumb\"><a href=\"\/wordpress\/documentation\/\">Documentation<\/a><span class=\"sep\">\/<\/span><span>Configuration<\/span><\/div>\n<p>Most Sn1per Pro behavior is controlled by two files:<\/p>\n<ul>\n<li><strong><code>\/usr\/share\/sniper\/sniper.conf<\/code><\/strong> \u2014 scan engine defaults (threads, DNS, AI, RAG, Burp, notifications, etc.)<\/li>\n<li><strong><code>\/usr\/share\/sniper\/pro\/settings.php<\/code><\/strong> \u2014 Pro web UI tunables (license key, install dir, workspace limits, Burp host)<\/li>\n<\/ul>\n<p>Change either file and restart Apache (<code>sudo systemctl reload apache2<\/code>) to pick up PHP-side changes. Scan engine changes take effect on the next <code>sniper<\/code> invocation.<\/p>\n<h2 id=\"sniperconf-scan-engine\">sniper.conf \u2014 scan engine<\/h2>\n<p><code>sniper.conf<\/code> contains ~260 settings. The most commonly tuned are below. Per-scan overrides can be supplied with <code>sniper -c \/path\/to\/override.conf<\/code>, or by selecting a different template from the <strong>Config Editor<\/strong> in the web UI (templates live under <code>\/usr\/share\/sniper\/conf\/<\/code>).<\/p>\n<h3 id=\"core\">Core<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>INSTALL_DIR<\/code><\/td>\n<td><code>\/usr\/share\/sniper<\/code><\/td>\n<td>Root install path (do not change without reinstalling)<\/td>\n<\/tr>\n<tr>\n<td><code>THREADS<\/code><\/td>\n<td><code>30<\/code><\/td>\n<td>Concurrent scan threads<\/td>\n<\/tr>\n<tr>\n<td><code>DNS_RESOLVER<\/code><\/td>\n<td><code>8.8.8.8<\/code><\/td>\n<td>DNS resolver for recon<\/td>\n<\/tr>\n<tr>\n<td><code>USER_AGENT<\/code><\/td>\n<td><code>Googlebot<\/code><\/td>\n<td>Default HTTP User-Agent<\/td>\n<\/tr>\n<tr>\n<td><code>BROWSER<\/code><\/td>\n<td><code>firefox<\/code><\/td>\n<td>Screenshot browser<\/td>\n<\/tr>\n<tr>\n<td><code>VERBOSE<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Verbose logging (<code>0<\/code>\/<code>1<\/code>)<\/td>\n<\/tr>\n<tr>\n<td><code>DEBUG<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Debug logging (<code>0<\/code>\/<code>1<\/code>)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"scope\">Scope<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>SCOPE<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>In-scope hosts\/patterns<\/td>\n<\/tr>\n<tr>\n<td><code>OUT_OF_SCOPE<\/code><\/td>\n<td>Sn1per domains<\/td>\n<td>Bash array of domains to skip<\/td>\n<\/tr>\n<tr>\n<td><code>REMOVE_RESUME_FILES<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Delete resume state after scan<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"scan-gates\">Scan gates<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>AUTO_BRUTE<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Run bruteforce mode automatically<\/td>\n<\/tr>\n<tr>\n<td><code>OSINT<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Run OSINT collection<\/td>\n<\/tr>\n<tr>\n<td><code>RECON<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Run recon modules<\/td>\n<\/tr>\n<tr>\n<td><code>VULNSCAN<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Run vulnerability scans<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"ai-integration\">AI integration<\/h3>\n<p>Sn1per Pro ships with AI-assisted analysis (default: Ollama with <code>deepseek-v3.2:cloud<\/code>). To use a commercial provider, set <code>AI_PROVIDER<\/code> and supply the relevant API key via environment variable or provider-specific config.<\/p>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>AI_ENABLED<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td>Master AI switch<\/td>\n<\/tr>\n<tr>\n<td><code>AI_PROVIDER<\/code><\/td>\n<td><code>ollama<\/code><\/td>\n<td>One of <code>ollama<\/code>, <code>openai<\/code>, <code>claude<\/code>, <code>claude-code<\/code>, <code>gemini<\/code><\/td>\n<\/tr>\n<tr>\n<td><code>AI_MODEL<\/code><\/td>\n<td><code>deepseek-v3.2:cloud<\/code><\/td>\n<td>Model identifier for the chosen provider<\/td>\n<\/tr>\n<tr>\n<td><code>AI_FALLBACK_PROVIDER<\/code> \/ <code>AI_FALLBACK_MODEL<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>Optional fallback on primary failure<\/td>\n<\/tr>\n<tr>\n<td><code>AI_SCAN_ANALYSIS<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>AI summarizes scan output<\/td>\n<\/tr>\n<tr>\n<td><code>AI_SCAN_DECISIONING<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>AI decides next scan steps<\/td>\n<\/tr>\n<tr>\n<td><code>AI_VULNERABILITY_ANALYSIS<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>AI triages findings<\/td>\n<\/tr>\n<tr>\n<td><code>AI_REPORT_ENHANCEMENT<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td>AI-augmented scan reports<\/td>\n<\/tr>\n<tr>\n<td><code>AI_BRUTEFORCE<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td>AI-generated wordlists for bruteforce<\/td>\n<\/tr>\n<tr>\n<td><code>AI_AGENT_MODE<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Enable autonomous agent mode<\/td>\n<\/tr>\n<tr>\n<td><code>AI_TEMPERATURE<\/code><\/td>\n<td><code>0.1<\/code><\/td>\n<td>Sampling temperature<\/td>\n<\/tr>\n<tr>\n<td><code>AI_MAX_TOKENS<\/code><\/td>\n<td><code>4096<\/code><\/td>\n<td>Max output tokens per query<\/td>\n<\/tr>\n<tr>\n<td><code>AI_TIMEOUT<\/code><\/td>\n<td><code>120<\/code><\/td>\n<td>Per-request timeout in seconds<\/td>\n<\/tr>\n<tr>\n<td><code>AI_MAX_QUERIES_PER_SCAN<\/code><\/td>\n<td><code>50<\/code><\/td>\n<td>Hard ceiling per scan<\/td>\n<\/tr>\n<tr>\n<td><code>AI_MAX_INPUT_TOKENS_PER_QUERY<\/code><\/td>\n<td><code>50000<\/code><\/td>\n<td>Input size ceiling per query<\/td>\n<\/tr>\n<tr>\n<td><code>AI_SANITIZE_ENABLED<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td>Scrub sensitive strings before sending to the LLM<\/td>\n<\/tr>\n<tr>\n<td><code>MAX_PARALLEL_AGENTS<\/code><\/td>\n<td><code>3<\/code><\/td>\n<td>Concurrent agent workers<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"phase-2-active-verification-model-routing\">Phase 2 (active verification) model routing<\/h3>\n<p>Sn1per Pro can use a different AI model for Phase 2 active verification (exploit payload generation, WAF bypass, etc.) than for general scan analysis. Leave blank to use the primary <code>AI_PROVIDER<\/code> \/ <code>AI_MODEL<\/code>.<\/p>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>AI_PHASE2_PROVIDER<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>Override provider for Phase 2<\/td>\n<\/tr>\n<tr>\n<td><code>AI_PHASE2_MODEL<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>Override model for Phase 2<\/td>\n<\/tr>\n<tr>\n<td><code>AI_PHASE2_URL<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>Override API base URL for Phase 2<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"rag-security-knowledge-engine\">RAG Security Knowledge Engine<\/h3>\n<p>Sn1per Pro can enrich scans with the Sn1per RAG engine (OWASP Top 10, CWE Top 25, Exploit-DB, SecLists, CVE data, 80K+ documents). See the RAG engine docs for setup.<\/p>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>RAG_INGEST_ENABLED<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Feed scan findings back into the RAG KB<\/td>\n<\/tr>\n<tr>\n<td><code>RAG_API_URL<\/code><\/td>\n<td><code>http:\/\/localhost:8000<\/code><\/td>\n<td>RAG Engine endpoint<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"burp-suite-integration\">Burp Suite integration<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>BURP_SCAN<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Route traffic through Burp proxy during scans<\/td>\n<\/tr>\n<tr>\n<td><code>BURP_HOST<\/code><\/td>\n<td><code>127.0.0.1<\/code><\/td>\n<td>Burp proxy host<\/td>\n<\/tr>\n<tr>\n<td><code>BURP_PORT<\/code><\/td>\n<td><code>1338<\/code><\/td>\n<td>Burp proxy port<\/td>\n<\/tr>\n<tr>\n<td><code>BURP_MCP<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Enable the Burp MCP integration<\/td>\n<\/tr>\n<tr>\n<td><code>BURP_MCP_PORT<\/code><\/td>\n<td><code>9876<\/code><\/td>\n<td>Burp MCP endpoint port<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"notifications\">Notifications<\/h3>\n<p>Sn1per supports Slack and SMTP notifications for recon deltas and vulnerabilities.<\/p>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>SLACK_NOTIFICATIONS<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Master Slack switch<\/td>\n<\/tr>\n<tr>\n<td><code>SLACK_SCREENSHOTS<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Attach screenshots<\/td>\n<\/tr>\n<tr>\n<td><code>SLACK_NOTIFICATIONS_*<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Per-event switches (domains, takeovers, subnets, nmap diff, vulns, \u2026)<\/td>\n<\/tr>\n<tr>\n<td><code>SMTP_ALERTS_EMAIL_FROM<\/code> \/ <code>SMTP_ALERTS_EMAIL_TO<\/code><\/td>\n<td>placeholders<\/td>\n<td>SMTP from\/to addresses<\/td>\n<\/tr>\n<tr>\n<td><code>SMTP_ALERTS_NEW_DOMAINS<\/code> \/ <code>SMTP_ALERTS_TAKEOVERS<\/code> \/ <code>SMTP_ALERTS_VULNERABILITIES<\/code><\/td>\n<td><code>0<\/code><\/td>\n<td>Per-event switches<\/td>\n<\/tr>\n<tr>\n<td><code>EMAILFORMAT<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td><code>0<\/code> = plain text, <code>1<\/code> = HTML<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"bruteforce-wordlists\">Bruteforce wordlists<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>USER_FILE<\/code><\/td>\n<td><code>\/usr\/share\/brutex\/wordlists\/simple-users.txt<\/code><\/td>\n<\/tr>\n<tr>\n<td><code>PASS_FILE<\/code><\/td>\n<td><code>\/usr\/share\/brutex\/wordlists\/password.lst<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3 id=\"openvas-integration\">OpenVAS integration<\/h3>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>OPENVAS_HOST<\/code><\/td>\n<td><code>127.0.0.1<\/code><\/td>\n<td>OpenVAS GMP host<\/td>\n<\/tr>\n<tr>\n<td><code>OPENVAS_PORT<\/code><\/td>\n<td><code>9390<\/code><\/td>\n<td>OpenVAS GMP port<\/td>\n<\/tr>\n<tr>\n<td><code>OPENVAS_USERNAME<\/code><\/td>\n<td><code>admin<\/code><\/td>\n<td>GMP user<\/td>\n<\/tr>\n<tr>\n<td><code>OPENVAS_PASSWORD<\/code><\/td>\n<td><code>\"\"<\/code><\/td>\n<td>GMP password<\/td>\n<\/tr>\n<tr>\n<td><code>OPENVAS_PORT_LIST<\/code><\/td>\n<td><code>1-65535<\/code><\/td>\n<td>Port list name<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 id=\"settingsphp-pro-web-ui\">settings.php \u2014 Pro web UI<\/h2>\n<p><code>\/usr\/share\/sniper\/pro\/settings.php<\/code> contains PHP-visible tunables. The license key and customer email are set at install time; do not edit them manually.<\/p>\n<table>\n<thead>\n<tr>\n<th>Setting<\/th>\n<th>Default<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>$LICENSE_KEY<\/code><\/td>\n<td>(per-customer)<\/td>\n<td>Activated license hash. Do not edit<\/td>\n<\/tr>\n<tr>\n<td><code>$EMAIL<\/code><\/td>\n<td>(per-customer)<\/td>\n<td>Customer email. Do not edit<\/td>\n<\/tr>\n<tr>\n<td><code>$INSTALL_DIR<\/code><\/td>\n<td><code>\/usr\/share\/sniper<\/code><\/td>\n<td>Match <code>sniper.conf<\/code> <code>INSTALL_DIR<\/code><\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_LINES<\/code><\/td>\n<td><code>500<\/code><\/td>\n<td>Max lines to render in full output panes<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_STATIC_LINES<\/code><\/td>\n<td><code>50<\/code><\/td>\n<td>Max lines for inline previews<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_REPORTS<\/code><\/td>\n<td><code>30<\/code><\/td>\n<td>Max recent reports in sidebar<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_WORKSPACES<\/code><\/td>\n<td><code>6<\/code><\/td>\n<td>Max workspaces on navigator dashboard<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_HOSTS<\/code><\/td>\n<td><code>30<\/code><\/td>\n<td>Max hosts per workspace overview<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_SCAN_TASKS<\/code><\/td>\n<td><code>20<\/code><\/td>\n<td>Max entries in the Scan Tasks drawer<\/td>\n<\/tr>\n<tr>\n<td><code>$MAX_NOTIFICATIONS<\/code><\/td>\n<td><code>1000<\/code><\/td>\n<td>Ring buffer for change notifications<\/td>\n<\/tr>\n<tr>\n<td><code>$WORKSPACE_CRITICAL_THRESHOLD<\/code><\/td>\n<td><code>1000<\/code><\/td>\n<td>Severity-score cutoff for &#8220;Critical&#8221; badge<\/td>\n<\/tr>\n<tr>\n<td><code>$WORKSPACE_HIGH_THRESHOLD<\/code><\/td>\n<td><code>250<\/code><\/td>\n<td>&#8220;High&#8221; badge cutoff<\/td>\n<\/tr>\n<tr>\n<td><code>$WORKSPACE_MEDIUM_THRESHOLD<\/code><\/td>\n<td><code>25<\/code><\/td>\n<td>&#8220;Medium&#8221; badge cutoff<\/td>\n<\/tr>\n<tr>\n<td><code>$WORKSPACE_LOW_THRESHOLD<\/code><\/td>\n<td><code>1<\/code><\/td>\n<td>&#8220;Low&#8221; badge cutoff<\/td>\n<\/tr>\n<tr>\n<td><code>$BURP_HOST<\/code><\/td>\n<td><code>http:\/\/127.0.0.1:8080<\/code><\/td>\n<td>Web UI&#8217;s Burp proxy (for the &#8220;Send to Burp&#8221; action)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 id=\"apache\">Apache<\/h2>\n<p>The installer configures <code>\/etc\/apache2\/sites-enabled\/apache_remote_ssl_digest_auth_port_1337.conf<\/code> with:<\/p>\n<ul>\n<li>Port 1337 (HTTPS only)<\/li>\n<li>Self-signed certificate at <code>\/etc\/apache2\/ssl\/server.crt<\/code> \/ <code>server.key<\/code><\/li>\n<li>HTTP Digest authentication, realm <code>restricted<\/code>, user database at <code>\/etc\/htdigest\/.htdigest<\/code><\/li>\n<li>A systemd drop-in at <code>\/etc\/systemd\/system\/apache2.service.d\/sniper-override.conf<\/code> that disables Apache&#8217;s default Kali hardening (<code>ProtectSystem<\/code>, <code>RestrictNamespaces<\/code>, <code>MemoryDenyWriteExecute<\/code>, etc.) \u2014 required so that <code>www-data<\/code>-forked scan tools have the capabilities they need<\/li>\n<\/ul>\n<p>To change the port, edit both <code>apache_remote_ssl_digest_auth_port_1337.conf<\/code> and <code>\/etc\/apache2\/ports.conf<\/code>, then <code>sudo systemctl reload apache2<\/code>.<\/p>\n<h2 id=\"admin-password\">Admin password<\/h2>\n<p>At install, a random 16-char password is generated and stored at:<\/p>\n<pre><code>\/usr\/share\/sniper\/pro\/data\/.admin-password    (root:root 0600)\n<\/code><\/pre>\n<p>The corresponding Apache Digest HA1 (<code>MD5(admin:restricted:password)<\/code>) is written to:<\/p>\n<pre><code>\/etc\/htdigest\/.htdigest                        (root:www-data 0640)\n<\/code><\/pre>\n<p>To change the password, regenerate both files. The canonical method (matching the installer&#8217;s) writes the HA1 directly rather than using <code>htdigest(1)<\/code>, which on Debian\/Kali opens <code>\/dev\/tty<\/code> and breaks scripted updates:<\/p>\n<pre><code class=\"language-bash\">NEW_PASS='your-new-password'\nHA1=$(printf '%s' &quot;admin:restricted:$NEW_PASS&quot; | md5sum | awk '{print $1}')\nsudo bash -c &quot;echo &quot;admin:restricted:$HA1&quot; &gt; \/etc\/htdigest\/.htdigest&quot;\nsudo chmod 640 \/etc\/htdigest\/.htdigest\nsudo chown root:www-data \/etc\/htdigest\/.htdigest\necho &quot;$NEW_PASS&quot; | sudo tee \/usr\/share\/sniper\/pro\/data\/.admin-password &gt; \/dev\/null\nsudo chmod 600 \/usr\/share\/sniper\/pro\/data\/.admin-password\nsudo systemctl reload apache2\n<\/code><\/pre>\n<h2 id=\"postgresql\">PostgreSQL<\/h2>\n<p>PostgreSQL is provisioned for the Metasploit Framework during install. Connection is local-socket by default and is configured by <code>msfdb init<\/code>. There is no standalone &#8220;sniper&#8221; database \u2014 scan metadata lives on disk under <code>\/usr\/share\/sniper\/loot\/workspace\/&lt;target&gt;\/<\/code>.<\/p>\n<h2 id=\"docker-specific-configuration\">Docker-specific configuration<\/h2>\n<p>See <a href=\"\/wordpress\/documentation\/docker\/\">Docker<\/a> for:<\/p>\n<ul>\n<li>Port mapping (host \u2194 container)<\/li>\n<li>Volume mounts for persisting scan loot and configuration<\/li>\n<li><code>--privileged<\/code> vs. capability-based runs<\/li>\n<li>docker compose service definition and healthcheck<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Documentation\/Configuration Most Sn1per Pro behavior is controlled by two files: \/usr\/share\/sniper\/sniper.conf \u2014 scan engine defaults (threads, DNS, AI, RAG, Burp, notifications, etc.) \/usr\/share\/sniper\/pro\/settings.php \u2014 Pro web UI tunables (license key,\u2026<\/p>\n","protected":false},"author":0,"featured_media":0,"parent":2284,"menu_order":30,"comment_status":"closed","ping_status":"closed","template":"page-templates\/template-doc-page.php","meta":{"om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"footnotes":""},"class_list":["post-63081","page","type-page","status-publish","hentry"],"aioseo_notices":[],"jetpack_shortlink":"https:\/\/wp.me\/PdnW96-gpr","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":63083,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/architecture\/","url_meta":{"origin":63081,"position":0},"title":"Architecture","author":"","date":"April 25, 2026","format":false,"excerpt":"Documentation\/Architecture Sn1per Professional 2026 pairs a bash-based scan engine with a modernized PHP web UI on Apache, and optionally integrates with an AI \/ RAG stack for augmented analysis. This doc describes how the components fit together. High-level stack Browser (HTTPS :1337) | v Apache 2.4 --- Digest Auth ---\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":63082,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/usage\/","url_meta":{"origin":63081,"position":1},"title":"Usage","author":"","date":"April 25, 2026","format":false,"excerpt":"Documentation\/Usage Sn1per Professional 2026 exposes three interfaces: a web UI (primary), a CLI (sniper command), and a JSON API. Web UI The web UI is served on HTTPS port 1337. Log in as admin with the password from \/usr\/share\/sniper\/pro\/data\/.admin-password. Workspace Navigator The landing page after login. One row per workspace\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":63079,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/getting-started\/","url_meta":{"origin":63081,"position":2},"title":"Getting Started","author":"","date":"April 25, 2026","format":false,"excerpt":"Documentation\/Getting Started This guide gets you from a fresh system to a running Sn1per Pro instance in under 20 minutes. For deeper coverage, see Installation and Configuration. Prerequisites A 64-bit Linux host (Kali Rolling recommended; Ubuntu 22.04+, Debian 12+, and Parrot OS also supported) Root or passwordless sudo access 4\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":63084,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/docker\/","url_meta":{"origin":63081,"position":3},"title":"Docker","author":"","date":"April 25, 2026","format":false,"excerpt":"Documentation\/Docker Sn1per Professional 2026 can run inside a Docker container on any Docker-capable host. The recommended workflow starts a Kali base container and runs your license's activation.sh inside it \u2014 the same installer used on bare metal. Why --privileged is required Sn1per Pro runs a broad offensive toolchain: nmap (raw\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":63080,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/installation\/","url_meta":{"origin":63081,"position":4},"title":"Installation","author":"","date":"April 25, 2026","format":false,"excerpt":"Documentation\/Installation Sn1per Professional 2026 installs in two modes: bare metal on a supported Linux host, or inside a Docker container. The same activation.sh URL (sent in your order confirmation email) drives both. System Requirements Requirement Minimum Recommended Operating system Kali Linux Rolling, Ubuntu 22.04+, Debian 12+, or Parrot OS Kali\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":34090,"url":"https:\/\/sn1persecurity.com\/wordpress\/documentation\/owasp-zap-integration\/","url_meta":{"origin":63081,"position":5},"title":"OWASP ZAP Integration","author":"xer0dayz","date":"September 24, 2024","format":false,"excerpt":"Setup In order to setup OWASP ZAP integration, you will need to have ZAP running on the same host as Sn1per and the http\/https proxy listening on port 8081\/tcp. In addition, you will need to enable the ZAP API service and disable the API key. Next, update the following values\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/pages\/63081","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/types\/page"}],"replies":[{"embeddable":true,"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/comments?post=63081"}],"version-history":[{"count":0,"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/pages\/63081\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/pages\/2284"}],"wp:attachment":[{"href":"https:\/\/sn1persecurity.com\/wordpress\/wp-json\/wp\/v2\/media?parent=63081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}