WebsiteGhoulsec-Vault

NMAP & SuperENUM

Perform Host Discovery 

1. ARP Ping Scan : nmap -sn -PR [Target IP Address]
2. UDP Ping Scan : nmap -sn -PU [Target IP Address]
3. ICMP Echo Ping Scan : nmap -sn -PE [Target IP Address]
4. ICMP Ping Sweep Scan : nmap -sn -PE [Target Range of IP Addresses]
5. ICMP Timestamp Scan : nmap -sn -PP [Target IP Address]
6. ICMP Address Mask ping scan :  nmap -sn -PM [target IP address]
7. TCP Syn Scan : nmap -sn -PS [target IP address]
8. TCP ACK scan : nmap -sn -PA [target IP address]
9. IP Protocol ping scan : nmap -sn -PO [target IP address]

Perform Port and Service Discovery

 1. TCP Full Scan : nmap -sT -v [Target IP Address]
 2. TCP Stealth Scan : nmap -sS -v [Target IP Address]
 3. TCP XMAS Scan : nmap -sX -v [Target IP Address]
 4. TCP Maimon Scan : nmap -sM -v [Target IP Address]
 5. ACK Scan : nmap -sA -v [Target IP Address]
 6. UDP Scan :  nmap -sU -v [Target IP Address]
 7. IPID header scan : nmap -sI -v [target IP address]
 8. SCTP Init Scan : nmap -sY -v [target IP address]
 9. SCTP Cookie echo Scan : nmap -sZ -v [target IP address]
 10. Service Version Scan : nmap -sV [Target IP Address]

Perform OS Discovery

1. NMAP Aggressive scan : nmap -A [Target IP Address]
2. OS Detection scan : nmap -O [Target IP Address]
3. OS Detection scan using NSE : nmap --script smb-os-discovery.nse [Target IP Address]

Scan beyond IDS and Firewall

1. Fragment Split Scan : nmap -f [Target IP Address]
2. Source port manipulation : nmap -g 80 [Target IP Address]
3. Custom MTU Scan : nmap -mtu 8 [Target IP Address]
4. Random IPS Scan : nmap -D RND:10 [Target IP Address]
5. Custom MAC : nmap -sT -Pn --spoof-mac 0 [Target IP Address]

SMTP Enumeration : 

    nmap -p 25 --script=smtp-enum-users [Target IP Address]
    nmap -p 25 --script=smtp-open-relay [Target IP Address]
    nmap -p 25 --script=smtp-commands [Target IP Address]

SuperENUM

https://github.com/p4pentest/SuperEnum

Usage & Installation

This script does the basic enumeration of any open port along with screenshots.

Download the files:

  1. superenum

  2. commands.config

Process to follow:

  1. Place both the files in a folder.

  2. Place list of IP Address in a file and give it any name.

  3. Open terminal with 'root' user and navigate to the folder where it has been copied in step 1.

  4. Run the below command: ./superenum

## SYNTAX
echo "10.10.1.19" >> Target.txt
chmod +x superenum
./superenum
PreviousNetwork Scanning Enumaration & Vulnerability Detection ToolsNextNmap

Last updated