SiteSniper is a script created to automate some phases of a blackbox penetration test. Once the target has been identified, many scripts are prepared which you can decide if and when to execute them simply by pressing ENTER. It uses tmux as terminal so it is necessary to know how to use it. The scripts concern the phase of:

• weaponization: a series of scripts that could be used in the post-exploitation phase on the target machine are loaded onto the attacking Linux machine;
• target fingerprint and exploitation: scripts to collect information on the target (information gathering, service information gathering, OSINT, etc) and scripts that help identify possible exploits;
• web App Site fingerprint: script for analyze site structure, virtual host, etc;
• web App Information gathering: script to implement google dork, CMS analysis, etc;
• web App AuthN bypass: script to implement service brute force, command injection, webDAV analysis, etc. Once you select a phase, the script will prepare many tmux session with the precompiled command.

./siteSniper.sh eth0 https://www.example.com

select one of the penetration test PHASES you are interested in:

Once selected the PHASE, scripts will be generated using tmux as terminal. At this point you can select a specific SUB-PHASE using tmux commands:
(CTRL + b) w

once the SUB-PHASE has been selected you will be able to view the commands that have been pre-compiled to analyse the SUB-PHASE. At this point it is possible to selecet and execute a specific command just pressing ENTER:

When you need to change penetration test PHASE and return to main manu, you need to close the tmux session. To implement this action you need to use the tmux shortcut:
(CTRL + b) :kill-session

./siteSniper.sh <interface> <target url>

It's very simple

cd /opt

sudo git clone https://github.com/dokDork/red-team-penetration-test-script.git