enum

My enum script for HTB/OSCP machines

It does

Scan TCP/UDP services
Detect Windows/Linux machine through TTL value
Enumerates FTP service
- NMAP all FTP scripts
Enumerates HTTP service
- NMAP vuln script
- DavTest
- Nikto with CGI-BIN detection
- WPScan (all scan)
- FFUF (dir/file listing through bruteforce requests)
Enumerates HTTPS service
- NMAP vuln script
- DavTest
- Enumerate SSL/TLS Certificate
- Nikto with CGI-BIN detection
- WPScan (all scan)
- FFUF (dir/file listing through bruteforce requests)
Enumerates SMB service
- NMAP all SMB scripts
- SMBMap list SMB with differents credentials
- enum4linux
- nullinux
Enumerates SNMP service
- SNMPWalk
- SNMP-Check
Enumerates DNS sercice
- NMAP all DNS scripts
- DNS Zone Transfer with dig
- All information with dig
Enumerates SubDNS
- DNSRecon
Enumerates RPC service (111)
- RPCInfo
- ShowMount
Enumerates MS-RPC service (135, 593)
- RPCDump.py
Enumerates LDAP service
- Own LDAPInfo script
Enumerates files
- file command
- binwalk
- exiftool
- steghide with empty passphrase

Add the wd of the repo to your $PATH

echo "export PATH=\$PATH:$(pwd)" >> ~/.bashrc

Add the path of the repo to the /etc/sudoers secure_path variable if needed

enum <ip>

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
img		img
README.md		README.md
enum		enum
enum-dns		enum-dns
enum-file		enum-file
enum-ftp		enum-ftp
enum-http		enum-http
enum-https		enum-https
enum-msrpc		enum-msrpc
enum-ports		enum-ports
enum-rpc		enum-rpc
enum-scheduler		enum-scheduler
enum-services		enum-services
enum-smb		enum-smb
enum-snmp		enum-snmp
enum-subdns		enum-subdns
enumerate		enumerate
getcert		getcert
ldapinfo		ldapinfo
os		os