
Sn1per Configuration Options

xer0dayz edited this page Jul 26, 2023 · 7 revisions

Sn1per has many configuration options available to enable, disable and configure almost every tool used by Sn1per.

To configure Sn1per for your system, edit the /root/.sniper.conf file and update the settings based on your needs. Most are straightforward, but some of the settings are listed below for reference, with a brief description of what each does.

  • AUTOBRUTE="1" - Enables automatic brute forcing via "normal" and "nuke" mode scans. Can also be enabled from the command line via the (-b) switch.
  • AI_BRUTEFORCE="1" - Enables automatic brute forcing via "normal" mode scans if a brute forcible service is detected.
  • FULLNMAPSCAN="1" - Enables automatic full Nmap scanning via "normal" and "nuke" mode scans. Can also be enabled from the command line via the (-fp) switch.
  • OSINT="1" - Enables automatic OSINT mode scans via "normal", "stealth", "airstrike" and "nuke" mode scans. Can also be selectively enabled from the command line via the (-o) switch.
  • ENABLE_AUTO_UPDATES="1" - Automatically checks for new Sn1per Community version updates from GitHub.
  • ONLINE="1" - Checks if an active internet connection is present. This is still an experimental feature and not fully implemented or utilized.
  • REPORT="1" - Enables report generation for all Sn1per scans. This is a mandatory option, so disabling it will cause Sn1per to stop functioning properly.
  • LOOT="1" - Saves all console output and reports to a specified loot or workspace directory. Disable to prevent logging and saving of all files. Please note that this option is required for Sn1per Professional to function properly.
  • SNIPER_PRO_CONSOLE_OUTPUT="0" - Displays an overview of all hosts in a workspace (i.e. open ports, web title, web headers, DNS, etc.) at the end of all Sn1per scans via the console.
  • SN1PER_AUTOLOAD="1" - Automatically opens a web browser to load the Sn1per Professional HTML reports. Disable to prevent this.
  • ARACHNI_SCAN="1" - Enables Arachni automated web application scans via the "webscan" mode. No additional configuration is required on Kali Linux 2.x.

Configuration Flow

Sn1per loads its options from the following locations, in this order:

  1. /usr/share/sniper/sniper.conf # The default Sn1per configuration file
  2. /root/.sniper.conf # User specified Sn1per configuration file (persistent config)
  3. For Sn1per Professional and Enterprise customers: The configuration file located under /sniper/conf/ will override all default values when selected from the web UI.
  4. /root/.sniper_api_keys.conf # User specific API keys and credentials (persistent config)

Any changes made to the persistent config files will NOT be overwritten by future upgrades of Sn1per.

Dynamic Configuration Options

In addition to the above configuration options, Sn1per can also load dynamic configuration files from a custom location to use for each scan via the (-c) switch:

sniper -t 127.0.0.1 -m web -c /usr/share/sniper/conf/sc0pe_only_webscan -w 127.0.0.1

See /usr/share/sniper/conf/ for examples and templates along with our wiki documentation here.
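
To confirm which value actually takes effect across these layers before a scan (for example, that AUTOBRUTE is off when brute forcing is out of scope), the added example below resolves a setting across files given in load order. It is not Sn1per's own code: the function names and sample files are constructed here, and it assumes the files hold plain KEY="value" lines, that later files override earlier ones, and that a -c file is applied last.

```shell
#!/bin/sh
# Added example, not Sn1per code. Files are parsed as text, never sourced.

# effective_setting KEY FILE...   (FILEs in load order)
# Prints "VALUE<TAB>FILE" for the last file assigning KEY; returns 1 if unset.
effective_setting() {
    es_key=$1; shift
    es_found=1; es_value=; es_origin=
    for es_file in "$@"; do
        [ -r "$es_file" ] || continue            # a missing layer is skipped
        es_hit=$(sed -n \
            -e "s/^[[:space:]]*${es_key}=\"\([^\"]*\)\".*/=\1/p" \
            -e "s/^[[:space:]]*${es_key}=\([^\"[:space:]#]*\).*/=\1/p" \
            "$es_file" | tail -n 1)              # last assignment in a file wins
        [ -n "$es_hit" ] || continue             # commented-out lines never match
        es_value=${es_hit#=}; es_origin=$es_file; es_found=0
    done
    [ "$es_found" -eq 0 ] && printf '%s\t%s\n' "$es_value" "$es_origin"
    return "$es_found"
}

# require_off KEY FILE...
# Succeeds unless KEY resolves to "1". An unset key is treated as off here,
# which is an assumption of this sketch, not documented Sn1per behaviour.
require_off() {
    ro_res=$(effective_setting "$@") || return 0
    [ "$(printf '%s' "$ro_res" | cut -f1)" != "1" ]
}

# Constructed sample layers mirroring the documented load order.
demo() {
    d=$(mktemp -d) || return 1
    printf 'AUTOBRUTE="0"\nOSINT="0"\nREPORT="1"\n' > "$d/sniper.conf"   # default
    printf '#OSINT="1"\nAUTOBRUTE="1" # lab only\n' > "$d/.sniper.conf"  # user
    printf 'AUTOBRUTE="0"\n' > "$d/scan_profile"                         # via -c
    for k in AUTOBRUTE OSINT REPORT; do
        printf '%s\t' "$k"
        effective_setting "$k" "$d/sniper.conf" "$d/.sniper.conf" "$d/scan_profile"
    done
    require_off AUTOBRUTE "$d/sniper.conf" "$d/.sniper.conf" \
        || echo "AUTOBRUTE is on unless the -c profile is used"
    rm -rf "$d"
}
demo
```

Each output line shows the setting, its effective value, and the file that supplied it, so a persistent override in /root/.sniper.conf is visible before a scan starts.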