![\"Sn1per](\"https:\/\/sn1persecurity.com\/wordpress\/wp-content\/uploads\/2026\/04\/sn1per-pro-2026-workspace-navigator.png\")
<\/a><\/p>\nDocker-First Deployment<\/h2>\n
Pro 2026 ships with full Docker support out of the box. The image is built on the Kali Linux rolling base with Apache 2.4, PHP 8.4, SSL, and HTTP Digest authentication baked in — no host-OS contamination, no bare-metal install required for first-time evaluators or air-gapped lab deployments. A The result: an evaluator can clone the repo and run a single The most visible change is a wholesale upgrade of the web UI. Pro 2026 moves from Bootstrap 3.3.7 to Bootstrap 5.3 via the Tabler theme. The legacy accordion Quick Commands panel is replaced by a modern Offcanvas sidebar<\/strong>, freeing the main canvas for data. DataTables 2.x lands with native Bootstrap 5 theming and ships export buttons for CSV, Excel, PDF, and Copy. Chart.js powers the new vulnerability breakdown donuts, scan coverage charts, and host status visualizations. Font Awesome 6 replaces older icon fonts.<\/p>\n A user-toggleable dark and light theme<\/strong>, persisted in The new Two new report surfaces give you per-workspace and per-host detail without leaving the browser:<\/p>\n Both surfaces are export-ready: every table has CSV, Excel, PDF, and Copy buttons wired in.<\/p>\n For the first time, Pro 2026 exposes a documented programmatic interface. This is the foundation for everything “programmable Sn1per” we will build on top of in future releases.<\/p>\n The breadth of the scan engine matches the breadth of the engagements operators actually run. Pro 2026 documents the following modes and scan flags in Every mode is invokable from the new sidebar workflow or scriptable via Pro 2026 also adds three CLI flags that have been long-requested by daily-driver operators — the kind of small ergonomics that compound over hundreds of engagements:<\/p>\n All three are session-scoped: they take effect for the current scan only, without permanently mutating The Quick Commands sidebar is rebuilt from the ground up as an Offcanvas panel that slides in over the main view. Each panel is a self-contained workflow surface:<\/p>\n The Offcanvas pattern keeps your scan output visible while you queue the next action — a substantial workflow improvement over the old accordion model.<\/p>\n Pro 2026 ships five advanced modules, all surfaced in the new UI:<\/p>\n SC0PE is the unified vulnerability detection layer underneath the scan engine, and it expanded materially in 2026:<\/p>\n Each sub-scanner emits a normalized SC0PE-format finding so the workspace and host reports can render them consistently regardless of which scanner discovered them.<\/p>\n Behind every page render is a new central library set under The installer ( The PostgreSQL 18.x compatibility issue is resolved by upgrading the Pro 2026 ships with seven new documentation surfaces, all published at sn1persecurity.com\/documentation<\/a>:<\/p>\n See Sn1per Professional 2026 in motion — a 32-second walkthrough of the platform, modules, and workflow.<\/p>\ndocker compose<\/code> service named sn1per-pro<\/code> exposes the web UI on port 1338 (mapped to the canonical 1337 internally), depends on a PostgreSQL service, and bind-mounts the shared \/sniper\/loot<\/code> directory so scan output persists across container restarts. Privileged mode and custom DNS (10.0.0.1, 8.8.8.8) are pre-configured for the scanner toolchain.<\/p>\ndocker compose up<\/code> to land a fully operational Pro instance in minutes, with reproducible builds across environments.<\/p>\nModernized Web UI — Bootstrap 5, Tabler, and Dark Mode<\/h2>\n
localStorage<\/code>, brings the UI in line with what every operator expects in 2026. Client-side logic moves to a custom sn1per-ui.js<\/code> bundle (versioned for cache-busting) that is the single source for tab switching, drawer transitions, and asynchronous form submission across every page.<\/p>\nWorkspace Navigator<\/h2>\n
workspace-navigator.php<\/code> dashboard is the first page operators see after login. It lists every workspace with at-a-glance statistics — workspace size, host count, last scan timestamp, risk gauges — and provides direct quick-links into the workspace, the config editor, and the integrated terminal drawer. No more digging through directory listings or SSH’ing into the server to figure out which engagement is which.<\/p>\nWorkspace Reports and Host Reports<\/h2>\n
\n
workspace-report.php<\/code>) — per-workspace vulnerability summaries with color-coded severity gauges, scan history and status, custom-finding management, and one-click report generation\/export.<\/li>\nhost-report.php<\/code>) — individual target analysis with vulnerability parsing from the SC0PE format, port enumeration, service identification, technology fingerprinting, and threat intelligence integration.<\/li>\n<\/ul>\nJSON API v1.0<\/h2>\n
api.php<\/code> implements the JSON API v1.0 with endpoints for workspace and host access, vulnerability queries, scan status, and report cache management. Two authentication modes are supported: existing HTTP Digest credentials (the same identity used by the web UI) and a new X-API-Key<\/code> header for headless integrations — CI\/CD pipelines, SOC dashboards, ticketing systems.<\/p>\nScan Modes<\/h2>\n
sniper -h<\/code>, organized by intent:<\/p>\n\n
normal<\/code> (the default scan profile), stealth<\/code> (low-noise, throttled).<\/li>\ndiscover<\/code> for CIDR sweeps, massdiscover<\/code> for distributed CIDR sweeps from a target file.<\/li>\nport<\/code> for a specific port, massportscan<\/code> for a target file, plus the -fp<\/code> flag for a fullportonly sweep.<\/li>\nweb<\/code> (ports 80 and 443), webporthttp<\/code> and webporthttps<\/code> for arbitrary HTTP\/HTTPS ports, and webscan<\/code> for an HTTP-only deep scan.<\/li>\nmassweb<\/code>, masswebscan<\/code>, massvulnscan<\/code> — same web\/vulnerability profiles, run across a target list with -f targets.txt<\/code>.<\/li>\nairstrike<\/code> for a multi-target sweep and nuke<\/code> for the “everything on” profile (full bruteforce, full port scan, OSINT, recon, and workspace import enabled).<\/li>\n-b<\/code> flag enables credential testing against discovered services for FTP, SSH, HTTP, SMB, MySQL, PostgreSQL, RDP, and VNC.<\/li>\n<\/ul>\nserver-scan.php<\/code> — which itself supports option flags and Burp Suite proxy integration for testing through your existing toolchain.<\/p>\nNew Operator Switches<\/h2>\n
\n
-v<\/code> \/ --verbose<\/code> — toggles verbose scan output. Every tool the engine invokes now echoes its full command line and progress, so you can see exactly what is running against the target without tailing config files or debug logs.<\/li>\n-db<\/code> \/ --debug<\/code> — full debug mode. Enables verbose plus per-step trace output for every module in the scan pipeline. Use this when triaging a failed scan or building a new mode of your own.<\/li>\n-rr<\/code> \/ --remove-resume-files<\/code> — clears the resume-state files from previous scans before this one starts. Resume files speed up rescans by skipping completed steps, but sometimes you want a fresh run — -rr<\/code> gives you that with a single flag instead of manual cleanup under loot\/workspace\/<name>\/scans\/<\/code>.<\/li>\n<\/ul>\nsniper.conf<\/code>. Combine them on the same command line as needed (e.g. sniper -t target.com -m airstrike -v -rr<\/code>).<\/p>\n![\"Sn1per](\"https:\/\/sn1persecurity.com\/wordpress\/wp-content\/uploads\/2026\/04\/sn1per-pro-2026-dashboard.png\")
<\/a><\/p>\nOffcanvas Quick Commands Sidebar<\/h2>\n
\n
Advanced Modules<\/h2>\n
\n
masspwn-modules.txt<\/code>) and payload repository (masspwn-payloads.txt<\/code>) for mass-exploitation workflows.<\/li>\n127.0.0.1:8080<\/code>) so every scan can be routed through your Burp instance for inspection.<\/li>\n<\/ul>\nSC0PE Vulnerability Framework<\/h2>\n
\n
sc0pe.sh<\/code> — the main SC0PE driver that orchestrates the sub-scanners.<\/li>\nsc0pe-active-webscan.sh<\/code> — active web vulnerability scanning.<\/li>\nsc0pe-network-scan.sh<\/code> — network-layer vulnerability scanning.<\/li>\nsc0pe-passive-webscan.sh<\/code> — passive web reconnaissance for low-noise engagements.<\/li>\nstatic-grep-search.sh<\/code> — static analysis through curated grep patterns.<\/li>\njavascript-analysis.sh<\/code> — JavaScript code analysis for client-side vulnerabilities.<\/li>\n<\/ul>\nHardened-by-Design PHP Library Stack<\/h2>\n
lib\/<\/code>: a bootstrap loader with structured error handling and syslog, dedicated input validation, CSRF token generation and verification, safe HTML output encoding, a file-based cache with TTL for report performance, and a workspace data-access layer that replaces ad-hoc shell calls with audited PHP. Pro 2026 ships with comprehensive input validation and security hardening across the PHP layer — existing customers should plan to upgrade to take advantage of these improvements.<\/p>\nInstallation and Infrastructure<\/h2>\n
install_pro.sh<\/code>) automates a known-good base on Kali Linux, Ubuntu, and Debian: PHP 8.4, Apache 2.4, SSL with self-signed cert, HTTP Digest auth, and a randomly generated admin password (stored in pro\/data\/.admin-password<\/code>). Systemd Apache hardening overrides land alongside — PrivateTmp<\/code> and ProtectSystem<\/code> are tuned so scan tools can read the filesystem without breaking Apache’s isolation guarantees.<\/p>\npg<\/code> gem from 1.5.9 to 1.6.3 or higher during install. Nessus add-on dependencies, ReverseAPK toolchain, Nuclei templates, and Brutex wordlists are all installed without manual intervention.<\/p>\nDocumentation Refresh<\/h2>\n
\n
sniper.conf<\/code> and settings.php<\/code> tunable explained.<\/li>\nWatch the Demo<\/h2>\n