Module 04: Enumeration

Lab 1: Perform NetBIOS Enumeration

Task 1: Perform NetBIOS Enumeration using Windows Command-Line Utilities

## Commands used : 
1. Netbios name table: nbtstat -a [IP address of the remote machine]
2. Netbios cache : nbtstat -c 
3. File Shares enumeration : net use

Lab 2: Perform SNMP Enumeration

Task 1: Perform SNMP Enumeration using SnmpWalk

## Commands used :
1. SNMP V1 : snmpwalk -v1 -c public [target IP]
2. SNMP V2c : snmpwalk -v2c -c public [Target IP Address]   

Lab 3: Perform LDAP Enumeration

Task 1: Perform LDAP Enumeration using Active Directory Explorer (AD Explorer)

Tools used in this section :

1. Active Directory Explorer

2. Softerra LDAP Administrator

3. LDAP Admin Tool

4. LDAP Account Manager

5. LDAP Search

Lab 4: Perform NFS Enumeration

## Commands used : 
1.  Nmap Port Scan : nmap -p 2049 [Target IP Address]

Tools used in this section :

1. SuperEnum :

   1. echo "10.10.1.19" >> Target.txt

   2. chmod +x superenum

   3. ./superenum

2. RPCScan :

   1. python3 rpc-scan.py [Target IP address] --rpc

Lab 5: Perform DNS Enumeration

Task 1: Perform DNS Enumeration using Zone Transfer

## DNS Zone transfer using Dig
    dig ns [Target Domain]
    dig @[NameServer] [Target Domain] axfr 

## DNS Zone transfer using Nslookup
    nslookup <interactive mode to be used>
        set querytype=soa
        ls -d [Name Server]

Lab 6: Perform SMTP Enumeration

Task 1: Perform SMTP Enumeration using Nmap

## Commands used in this section : 
1.  NMAP
    nmap -p 25 --script=smtp-enum-users [Target IP Address]
    nmap -p 25 --script=smtp-open-relay [Target IP Address]
    nmap -p 25 --script=smtp-commands [Target IP Address]

Lab 7: Perform Enumeration using Various Enumeration Tools

Task 1: Enumerate Information using Global Network Inventory

Tools used in this section :

1. Global Network Inventory