📜Cheat Sheet

Namp (Network Mapper) - Cheat Sheet

Web path scanner. More information: https://github.com/maurosoria/dirsearch.

dirsearch --url {{url}} --extensions-list

dirsearch --url-list {{path/to/url-list.txt}} --extensions {{php}}

dirsearch --url {{url}} --extensions-list --wordlist {{path/to/url-paths.txt}}

dirsearch --url {{url}} --extensions {{php}} --cookie {{cookie}}

dirsearch --url {{url}} --extensions {{php}} --http-method {{HEAD}}

dirsearch --url {{url}} --extensions {{php}} --json-report {{path/to/report.json}}

COMMAND

DESCRIPTION

enum4linux -v target-ip

Verbose mode, shows the underlying commands being executed by enum4linux

enum4linux -a target-ip

Do Everything, runs all options apart from dictionary based share name guessing

enum4linux -U target-ip

Lists usernames, if the server allows it - (RestrictAnonymous = 0)

enum4linux -u administrator -p password -U target-ip

If you've managed to obtain credentials, you can pull a full list of users regardless of the RestrictAnonymous option

enum4linux -r target-ip

Pulls usernames from the default RID range (500-550,1000-1050)

enum4linux -R 600-660 target-ip

Pull usernames using a custom RID range

enum4linux -G target-ip

Lists groups. if the server allows it, you can also specify username -u and password -p

enum4linux -S target-ip

List Windows shares, again you can also specify username -u and password -p

enum4linux -s shares.txt target-ip

Perform a dictionary attack, if the server doesn't let you retrieve a share list

enum4linux -o target-ip

Pulls OS information using smbclient, this can pull the service pack version on some versions of Windows

enum4linux -i target-ip

Pull information about printers known to the remove device.

Hacker's Mantra:Playfully doing something difficult, whether useful or not, that is hacking. - Richard Stallman

Was this helpful?