# enumeration

#active-directory#windows#enumeration

BloodHound

Active Directory relationship mapping and attack path visualization tool

#active-directory#windows#smb

CrackMapExec

Swiss army knife for pentesting Windows/Active Directory environments

#web#directory-bruteforce#enumeration

Dirsearch

Web path discovery tool for brute-forcing directories and files on web servers

DNSenum

DNS enumeration tool for discovering subdomains, zone transfers, and DNS records

DNSmap

DNS subdomain brute-forcing tool for discovering hidden subdomains

DNSrecon

DNS reconnaissance tool for zone transfers, subdomain enumeration, and record queries

Enum4linux

Linux tool for enumerating Windows/Samba shares, users, and groups via SMB

#smb#enumeration#windows

Fierce

DNS reconnaissance and brute-force tool for locating non-contiguous IP space

#web#directory-bruteforce#enumeration

Gobuster

Directory and DNS brute-forcing tool for discovering hidden paths and subdomains

#active-directory#windows#impacket

impacket-lookupsid

SID brute-forcing tool to enumerate domain users and groups via RPC

#active-directory#enumeration#ldap

ldapsearch

LDAP query tool for enumerating Active Directory objects, users, and groups

#privilege-escalation#linux#enumeration

LinEnum

Linux privilege escalation enumeration script that checks for common misconfigurations

#privilege-escalation#linux#enumeration

LinPEAS

Linux Privilege Escalation Awesome Script for automated enumeration of escalation vectors

#scanning#enumeration#windows

nbtscan

NetBIOS name scanner for discovering Windows hosts and their NetBIOS information

#scanning#enumeration#reconnaissance

Nmap

Network scanner for port discovery, service detection, OS fingerprinting, and script scanning

#scanning#enumeration#snmp

onesixtyone

Fast SNMP community string brute-forcer for discovering SNMP-enabled devices

#active-directory#windows#enumeration

PowerView

PowerShell tool for Active Directory enumeration and domain reconnaissance

rpcclient

Samba RPC client for enumerating users, groups, and shares on Windows systems

#enumeration#windows#smb

#active-directory#windows#enumeration

SharpHound

BloodHound data collector that gathers Active Directory relationship data

Showmount

NFS enumeration tool for listing exported shares on remote servers

#enumeration#nfs#linux

#smb#enumeration#file-transfer

smbclient

SMB client for accessing and interacting with Windows file shares from Linux

SMBMap

SMB share enumeration tool for listing shares, permissions, and accessing files

#smb#enumeration#windows

#scanning#enumeration#snmp

snmpwalk

SNMP enumeration tool for querying MIB trees and extracting device information

#privilege-escalation#linux#enumeration

unix-privesc-check

Unix privilege escalation checker script that identifies common misconfigurations

#privilege-escalation#windows#enumeration

WinPEAS

Windows Privilege Escalation Awesome Script for automated enumeration of escalation vectors