OP 17 April, 2025 - 09:26 PM
What is Snaffler?

Snaffler is an open-source tool designed for internal penetration testing or red teaming in Windows environments.
Its main purpose is to scan SMB shares across a network and identify potentially sensitive files—things like configuration files, scripts, database exports, and especially files containing credentials.
In short, it helps you automatically find interesting or sensitive files on accessible file shares in a Windows domain.

What is Snaffler used for?

Snaffler helps identify files that might contain:
- Plaintext passwords (passwords.txt, .env, .xml, etc.)
- API keys or secrets
- PowerShell scripts or batch files
- Database exports
- Configuration files containing internal info

How to Use Snaffler – Step-by-Step Guide

1. Download Snaffler

You can clone the repository from GitHub:
Code:
git clone https://github.com/reddrabit1337/Snaffler.git

Or download a precompiled release here:
https://github.com/reddrabit1337/Snaffler

If you're using the source code, you'll need to compile it with Visual Studio.

2. Run Snaffler

Once you have the binary, run it from a command prompt or PowerShell on a machine connected to the domain:
Code:
Snaffler.exe -v

This will show you all the available options.

A basic scan looks like this:
Code:
Snaffler.exe -d yourdomain.local

Or scan a specific subnet:
Code:
Snaffler.exe 192.168.1.0/24

3. Useful Options

Option     Description
-d         Target domain name
-f         Use a filters file (define what to include/exclude)
-o         Output file for results
-c         Output in JSON format
-q         Quiet mode (less verbose)
--shares   Only list network shares without scanning files

Example with filters and output file:
Code:
Snaffler.exe -d YOURDOMAIN.LOCAL -f filters\default.filters -o results.json -c

Best Practices
- Run Snaffler after privilege escalation to get access to more shares.
- Use it in combination with tools like BloodHound or SharpHound for deeper analysis.
- Filter or parse the JSON output for quick triage.
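The last best practice, parsing the JSON output for triage, as an added example that is not part of this post or of Snaffler itself: a Python script that loads a results file, applies include/exclude path filters (the same idea as the filters file passed with -f), ranks hits by colour level, and counts findings per share so the shares with the worst exposure can be cleaned up first. The record fields (triage, rule, share, path, match), the Black/Red/Yellow/Green ordering, the rule names and the sample findings are all assumptions constructed for this example, not the tool's real output format.

```python
"""Triage helper for Snaffler-style JSON findings.

Added example for this post, not part of Snaffler. The record layout used
here (triage/rule/share/path/match) is an ASSUMPTION for illustration;
compare it with the real tool's output before pointing this at a results file.
"""
import json
import re
from collections import Counter, defaultdict

# Colour ranking, lower number = more severe (assumed order for this example).
SEVERITY = {"Black": 0, "Red": 1, "Yellow": 2, "Green": 3}

# Constructed sample findings, not real scan output. Host and share names are
# invented and every secret is a REDACTED placeholder.
SAMPLE_JSON = r"""[
  {"triage": "Black",  "rule": "PrivateKeyFile",   "share": "\\\\FS01\\IT",     "path": "\\\\FS01\\IT\\keys\\id_rsa",                 "match": "-----BEGIN RSA PRIVATE KEY-----"},
  {"triage": "Red",    "rule": "PasswordInScript", "share": "\\\\FS01\\IT",     "path": "\\\\FS01\\IT\\scripts\\backup.ps1",          "match": "$password = REDACTED"},
  {"triage": "Red",    "rule": "DotEnvFile",       "share": "\\\\FS02\\Dev",    "path": "\\\\FS02\\Dev\\webapp\\.env",                "match": "DB_PASSWORD=REDACTED"},
  {"triage": "Yellow", "rule": "ConfigXml",        "share": "\\\\FS02\\Dev",    "path": "\\\\FS02\\Dev\\webapp\\web.config",          "match": "connectionString="},
  {"triage": "Green",  "rule": "BatchScript",      "share": "\\\\FS03\\Public", "path": "\\\\FS03\\Public\\tools\\cleanup.bat",       "match": ""},
  {"triage": "Yellow", "rule": "ConfigXml",        "share": "\\\\FS03\\Public", "path": "\\\\FS03\\Public\\archive\\old\\app.config", "match": "connectionString="}
]"""


def load_findings(text):
    """Parse the JSON array and drop records missing the fields we rely on."""
    required = ("triage", "rule", "share", "path")
    return [r for r in json.loads(text) if all(k in r for k in required)]


def apply_filters(findings, include=None, exclude=None):
    """Keep findings whose path matches any include regex (or all findings
    if no include list is given) and matches no exclude regex. Exclude wins
    over include, so a noisy archive folder can be dropped in one rule."""
    inc = [re.compile(p, re.IGNORECASE) for p in (include or [])]
    exc = [re.compile(p, re.IGNORECASE) for p in (exclude or [])]
    kept = []
    for f in findings:
        path = f["path"]
        if inc and not any(p.search(path) for p in inc):
            continue
        if any(p.search(path) for p in exc):
            continue
        kept.append(f)
    return kept


def triage(findings, min_level="Yellow"):
    """Return findings at or above min_level, most severe first, then by path.
    Unknown colours rank below Green so they are never silently promoted."""
    cutoff = SEVERITY[min_level]
    hits = [f for f in findings if SEVERITY.get(f["triage"], 99) <= cutoff]
    return sorted(hits, key=lambda f: (SEVERITY[f["triage"]], f["path"].lower()))


def summarize_by_share(findings):
    """Count findings per share and colour, to decide which shares to fix first."""
    summary = defaultdict(Counter)
    for f in findings:
        summary[f["share"]][f["triage"]] += 1
    return {share: dict(counts) for share, counts in summary.items()}


def main():
    findings = apply_filters(load_findings(SAMPLE_JSON), exclude=[r"\\archive\\"])
    for f in triage(findings, "Yellow"):
        print(f"[{f['triage']:<6}] {f['rule']:<18} {f['path']}")
    print()
    for share, counts in summarize_by_share(findings).items():
        print(f"{share}: {counts}")


if __name__ == "__main__":
    main()
```

Exclude patterns are applied after include patterns so a broad include (for example everything under a Dev share) can still have known-stale folders carved out; the per-share summary is what you hand to the share owner, while the sorted hit list is what the tester or responder works through first.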