Sn1per by 1N3@CrowdShield

CHANGELOG.md

@@ -1,4 +1,10 @@
 ## CHANGELOG:
+* v3.0 - Improved performance of various sniper modes
+* v3.0 - Added Aquatone domain flyover tool
+* v3.0 - Added slurp S3 public AWS scanner
+* v3.0 - Updated Sub-domain hijacking site list
+* v3.0 - Changed look and feel of console output to help readability
+* v3.0 - Added online/offline check to implement changes to scans when in online vs. offline mode
 * v2.9 - New improved fullportonly scan mode
 * v2.9 - Added online check to see if there's an active internet connection
 * v2.9 - Changed default browser to firefox to clear up errors in loot commmand
@@ -187,7 +193,3 @@
 * v1.4 - Added Breach-Miner for detection of breached accounts
 * v1.4 - Fixed minor errors with nmap
 * v1.4 - Removed debug output from goohak from displaying on console
-
-## FUTURE:
-* Add auto logging and reporting to all scans
-* Add HTML reporting for scans

LICENSE.md

@@ -0,0 +1,2 @@
+## LICENSE:
+This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.

README.md

@@ -91,6 +91,7 @@ This software is free to distribute, modify and use with the condition that cred
 ## DONATIONS:
 Donations are welcome. This will help fascilitate improved features, frequent updates and better overall support for sniper.
 - [x] BTC 1Fav36btfmdrYpCAR65XjKHhxuJJwFyKum
-- [x] DASH XoWYdMDGb7UZmzuLviQYtUGb5MNXSkqvXG
 - [x] ETH 0x20bB09273702eaBDFbEE9809473Fd04b969a794d
-- [x] LTC LQ6mPewec3xeLBYMdRP4yzeta6b9urqs2f
+- [x] LTC LQ6mPewec3xeLBYMdRP4yzeta6b9urqs2f
+- [x] XMR 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbS3EN24xprAQ1Z5Sy5s
+- [x] ZCASH t1fsizsk2cqqJAjRoUmXJSyoVa9utYucXt7

TODO.md

@@ -1,5 +1,7 @@
 ###TODO:
 
+* Implement a module system for running specific commands/modules
+* Add checks to make sure all commands exist at startup. If not, refer to installer. 
 * Add command line parsing of options/modes
 
 sniper --target crowdshield.com --workspace crowdshield.com --report --bruteforce --web --recon --portscan
@@ -10,4 +12,8 @@ sniper --target crowdshield.com --kalionly --offline --webportonly 443
 * Add automatic reporting and workspace creation for all scans by default
 * Add proxy support for all scans
 * Create uninstall.sh script
-* Add AWS security checks
+* Add AWS security checks
+* Look into adding aquatone
+* Look into adding gobuster
+* Update subdomain list with aquatone list
+* Increase thread count for file/dir brute force

install.sh

@@ -41,6 +41,7 @@ apt-get install xdg-utils metagoofil clusterd ruby rubygems python dos2unix zenm
 pip install dnspython colorama tldextract urllib3 ipaddress requests
 
 echo -e "$OKORANGE + -- --=[Installing gem dependencies...$RESET"
+gem install aquatone
 gem install rake
 gem install ruby-nmap net-http-persistent mechanize text-table
 
@@ -67,6 +68,10 @@ git clone https://github.com/lunarca/SimpleEmailSpoofer
 git clone https://github.com/arthepsy/ssh-audit 
 git clone https://github.com/m0rtem/CloudFail.git
 git clone https://github.com/deibit/cansina
+wget https://github.com/bbb31/slurp/releases/download/1.3/slurp.zip
+unzip slurp.zip
+rm -f slurp.zip
+wget https://github.com/michenriksen/aquatone/blob/master/subdomains.lst -O /usr/share/sniper/plugins/Sublist3r/subdomains.lst
 wget https://raw.githubusercontent.com/1N3/IntruderPayloads/master/FuzzLists/dirbuster-quick.txt -O /usr/share/sniper/plugins/cansina/dirbuster-quick.txt
 wget https://svn.nmap.org/nmap/scripts/http-vuln-cve2017-5638.nse -O /usr/share/nmap/scripts/http-vuln-cve2017-5638.nse
 wget https://raw.githubusercontent.com/xorrbit/nmap/865142904566e416944ebd6870d496c730934965/scripts/http-vuln-INTEL-SA-00075.nse -O /usr/share/nmap/scripts/http-vuln-INTEL-SA-00075.nse