aeondave/sn1per
offensive-tools/recon/sn1per/SKILL.md
Automated penetration testing recon framework combining 20+ tools in a single scan. Use when performing comprehensive target recon that combines port scanning, subdomain discovery, web crawling, and vulnerability detection.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill sn1perInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 9:29 PM58.0s1 file scanned
SKILL.md
- name:
- sn1per
- description:
- Automated penetration testing recon framework combining 20+ tools in a single scan. Use when performing comprehensive target recon that combines port scanning, subdomain discovery, web crawling, and vulnerability detection.
- license:
- MIT
- compatibility:
- Bash; Linux (Kali recommended); github.com/1N3/Sn1per
- author:
- AeonDave
- version:
- 1.0
Sn1per
Automated recon framework — orchestrates nmap, nikto, metasploit, amass, and 20+ tools.
Quick Start
git clone https://github.com/1N3/Sn1per
cd Sn1per && bash install.sh
# Full recon on target
sniper -t target.com
# Network CIDR scan
sniper -t 10.10.10.0/24 -m discover
# Web scan only
sniper -t target.com -m web
Scan Modes
| Mode | Purpose |
|------|---------|
| (default) | Full recon + vuln scan |
| discover | Network discovery (ping sweep, port scan) |
| stealth | Slower, quieter scan |
| web | Web-focused (nikto, gobuster, etc.) |
| bruteforce | Service brute-force |
| airstrike | Mass scan from CIDR |
| nuke | Full attack automation |
Common Workflows
Full target assessment:
sniper -t target.com
# Results in /usr/share/sniper/loot/
CIDR discovery:
sniper -t 192.168.1.0/24 -m discover -w workspace1
Web app assessment:
sniper -t https://app.target.com -m web
Resources
| File | When to load |
|------|--------------|
| references/ | Module configuration and loot paths |
Related Skills
aeondave/vibe-audit-technique
development
VerifiedTrustedCommunity
White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).
4SKILL.mdUpdated Jun 12, 2026
aeondave/source-review-technique
development
VerifiedTrustedCommunity
Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.
4SKILL.mdUpdated Jun 12, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 12, 2026
aeondave/container-technique
devops
VerifiedTrustedCommunity
Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.
4SKILL.mdUpdated Jun 12, 2026