CEH Practical Guide
  • Certified Ethical Hacker (CEH v12 and CEH V13) Practical Guide: Complete Study Resources & Tips
  • Module 2. Footprinting and Reconnaissance
    • 1. Footprinting through Search Engines
    • 2. Perform Footprinting Through Internet Research Services
    • 3. Footprinting through Social Networking sites
    • 4. Website Footprinting
    • 5. WHOIS Footprinting
    • 6. DNS Footprinting
    • 7. Network footprinting
    • 8. Email Footprinting
    • 9. Footprinting using footprinting tools
    • 10. Perform Footprinting using AI
  • Module 3. Scanning Networks
    • 1. Host Discovery
    • 2. Port and Service Discovery
    • 3. Perform OS Discovery
    • 4. Scan beyond Firewalls and IDS
    • 5. Network scanning using various tools
    • 6. Perform Network Scanning using AI
  • Module 4. Enumeration
    • 1. Netbios Enumeration (Port 137)
    • 2. SNMP Enumeration (Port 161,162)
    • 3. LDAP Enumeration (Port 389)
    • 4. NFS Enumeration
    • 5. DNS Enumeration
    • 6. SMTP Enumeration
    • 7. RPC, SMB and FTP Enumeration
    • 8. Enumeration using various tools
    • 9. Perform Enumeration using AI
  • Module 5. Vulnerability Assessment
    • 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases
    • 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
    • 3. Perform Vulnerability Analysis using AI
  • Module 6. System Hacking
    • 1. Gain access to the system
    • 2. Privilege Escalation
    • 3. Maintain Remote Access and Hide Malicious Activities
    • 4. Clear Logs to hide the Evidence of Compromise
    • 5. Active Directory (AD) Attacks
  • Module 7. Malware Threats
    • 1. Gain access to systems with Trojans
    • 2. Infect the system using Virus
    • 3. Perform Static Malware Analysis
    • 4. Perform Dynamic Malware Analysis
  • Module 8. Sniffing
    • 1. Perform Active Sniffing
    • 2. Perform Network Sniffing using Various Sniffing Tools
    • 3. Detect Network Sniffing
  • Module 9. Social Engineering
    • 1. Perform Social Engineering using tools
    • 2. Detect a Phishing attack
    • 3. Audit Organization security for phishing attacks
    • 4. Social Engineering using AI
  • Module 10. Denial of Service
    • 1. Perform DOS and DDOS with various techniques
    • 2. Detect and Protect DOS and DDOS attacks
  • Module 11. Session Hijacking
    • 1. Perform Session Hijacking
    • 2. Detect Session Hijacking
  • Module 12. Evading IDS, antivirus and Honeypots
    • 1. Intrusion Detection using various tools
    • 2. Evade Firewall using Evasion Techniques
  • Module 13. Hacking Web Servers
    • 1. Footprint the Webserver
    • 2. Perform Webserver attacks
    • 3. Perform a Web Server Hacking using AI
  • Module 14. Hacking Web Applications
    • 1. Footprint the Web Infrastructure
    • 2. Perform Web applications Attacks
    • 3. Detect Web Vulnerabilities using using web application security tools
    • 4. Perform Web Application Hacking using AI
  • Module 15. SQL Injection
    • 1. Perform SQL Injection attacks
    • 2. Detect SQL Vulnerabilities using different tool
    • 3. Perform SQL Injection using AI
  • Module 16. Hacking Wireless Networks
    • 1. Footprint a wireless Network
    • 2. Perform Wireless Traffic Analysis
    • 3. Perform Wireless Attacks
  • Module 17. Hacking Mobile Platforms
    • 1. Hack Android Devices
    • 2. Secure Android Device
  • Module 18. IoT and OT Hacking
    • 1. Footprinting IoT and OT devices
    • 2. Capture and Analyze IoT traffic
    • 3. Perform IoT Attacks
  • Module 19. Cloud Computing
    • 1. Perform Reconnaissance on Azure
    • 2. S3 Bucket Enumeration
    • 3. Exploit S3 buckets
    • 4. Perform Privilege Escalation to Gain Higher Privileges
    • 5. Perform Vulnerability Assessment on Docker Images
  • Module 20. Cryptography
    • 1. Encrypt the Information using Various Cryptography Tools
    • 2. Create a self signed Certificate
    • 3. Perform Disk Encryption
    • 4. Cryptanalysis Using different tools
    • 5. Perform Cryptography using AI
  • Tips for exams
  • Additional Resources
Powered by GitBook
On this page
  • 1. Enumerate using Global Network Inventory
  • 2. Enumerate using angry IP scanner
  • 3. Enumerate using Enum4Linux from samba and Windows hosts

Was this helpful?

  1. Module 4. Enumeration

8. Enumeration using various tools

As an ethical hacker, you should use a range of tools to find as much information as possible about the target network’s systems.

Previous7. RPC, SMB and FTP EnumerationNext9. Perform Enumeration using AI

Last updated 6 months ago

Was this helpful?

1. Enumerate using Global Network Inventory

Global Network Inventory is used as an audit scanner in zero deployment and agent-free environments. It scans single or multiple computers by IP range or domain, as defined by the Global Network Inventory host file.

  1. After installation, open the tool. The Global Network Inventory GUI appears. Click Close on the Tip of the Day pop-up.

  2. The New Audit Wizard window appears; click Next.

  3. Under the Audit Scan Mode section, click the Single address scan radio button, and then click Next.

    You can also scan an IP range by clicking on the IP range scan radio button, after which you will specify the target IP range.

  4. Under the Single Address Scan section, specify the target IP address in the Name field of the Single address option (in this example, the target IP address is 10.10.1.22); Click Next.

  5. The next section is Authentication Settings; select the Connect as radio button and enter the Windows Server 2022 machine credentials (Domain\Username: Administrator and Password: Pa$$w0rd), and then click Next.

    In reality, attackers do not know the credentials of the remote machine(s). In this situation, they choose the Connect as currently logged on user option and perform a scan to determine which machines are active in the network. With this option, they will not be able to extract all the information about the target system. Because this lab is just for assessment purposes, we have entered the credentials of the remote machine directly.

  6. In the final step of the wizard, leave the default settings unchanged and click Finish.

  7. The Scan progress window will appear.

  8. The results are displayed when the scan finished. The Scan summary of the scanned target IP address (10.10.1.22) appears.

    The scan result might vary when you perform this task.

  9. Hover your mouse cursor over the Computer details under the Scan summary tab to view the scan summary, as shown in the screenshot.

  10. Click the Operating System tab and hover the mouse cursor over Windows details to view the complete details of the machine.

  11. Click the BIOS tab, and hover the mouse cursor over windows details to display detailed BIOS settings information.

  12. Click the NetBIOS tab, and hover the mouse cursor over any NetBIOS application to display the detailed NetBIOS information about the target.

    Hover the mouse cursor over each NetBIOS application to view its details.

  13. Click the User groups tab and hover the mouse cursor over any username to display detailed user groups information.

    Hover the mouse cursor over each username to view its details.

  14. Click the Users tab, and hover the mouse cursor over the username to view login details for the target machine.

  15. Click the Services tab and hover the mouse cursor over any service to view its details.

  16. Click the Installed software tab, and hover the mouse cursor over any software to view its details.

  17. Click the Shares tab, and hover the mouse cursor over any shared folder to view its details.

  18. Similarly, you can click other tabs such as Computer System, Processors, Main board, Memory, SNMP systems and Hot fixes. Hover the mouse cursor over elements under each tab to view their detailed information.

2. Enumerate using angry IP scanner

3. Enumerate using Enum4Linux from samba and Windows hosts

enumerate netbios name

enum4linux -u martin -p apple -n 192.168.18.110

-n netbios

-U get usernames

-M get machine list*

-S get sharelist

-P get password policy information

-G get group and member list

Enumerate everything

enum4linux -a 192.168.18.110
Angry IP Scanner - the original IP scanner for Windows, Mac and Linux
Logo
Certified Ethical Hacker (CEHv12) Practical hands on LabsUdemy
Global Network InventoryMagneto Software
Use it if every thing fails
Logo
Logo