0% found this document useful (0 votes)

59 views8 pages

SMB and SNMP Enumeration Techniques

Uploaded by

rcitizen32

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

59 views8 pages

SMB and SNMP Enumeration Techniques

Uploaded by

rcitizen32

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

Noob Hackers

Enumeration & Network Vulnerabilities

Topic 2: SMB / Windows Enumeration
Command: nmap -p 139,445 --script=smb-enum-shares,smb-enum-users,smb-os-discovery -oA smb_enum [Link]

WHAT IT DOES:

Uses Nmap NSE scripts to enumerate SMB shares, users, and server OS; does port probe and runs SMB-related NSE scripts.

FLAGS:

-p 139,445 — scan SMB ports (NetBIOS & SMB over TCP), --script <scriptlist> — run NSE scripts (can be comma-separated), smb-enum-
shares — lists shares, smb-enum-users — enumerate user accounts (where possible), smb-os-discovery — tries to detect OS/version, -
oA <basename> — output in all formats (xml, nmap, grepable).

SAMPLE OUTPUT:

PORT STATE SERVICE

139/tcp open netbios-ssn
445/tcp open microsoft-ds
| smb-enum-shares:
| SharedDocs: READ CYBER SECURITY CLASSES
| Backups: READ, WRITE Join: 9113948054
| smb-enum-users: By Noob Hackers

INDUSTRY USE:

Use when embedding SMB checks into larger network discovery — easier to centralize results and keep outputs for reporting.
Good for scheduled scans or baseline checks.
Noob Hackers

MODULE 4.2

APPLICATION/SERVICE
ENUMERATION: SNMP,
WEBAPPS

CYBER SECURITY CLASSES

Join: 9113948054
By Noob Hackers
Noob Hackers
07

Enumeration & Network Vulnerabilities

Topic 3 : Application/Service Enumeration: SNMP, Webapps
Command: snmpwalk -v2c -c public [Link]

WHAT IT DOES:

SNMP Enumeration Walks through the SNMP MIB (It’s basically a database (or dictionary) of all the “things” that can be monitored or
managed on a device using SNMP (Simple Network Management Protocol)) tree using community string public. Extracts system info,
network interfaces, running processes, even plaintext credentials from misconfigured devices.

FLAGS:

snmpwalk — SNMP query tool, -v2c — SNMP protocol version (v2c = common, supports bulk), -c public — community string (like a
password). Try public, private, manager, [Link] — target IP.

SAMPLE OUTPUT:

SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software 15.1

SNMPv2-MIB::sysContact.0 = STRING: admin@[Link]
SNMPv2-MIB::sysName.0 = STRING: switch01
CYBER SECURITY CLASSES
Join: 9113948054
By Noob Hackers

INDUSTRY USE:

Red team: device fingerprinting, find plaintext creds or backup IPs.

Network admins: inventory devices and verify configurations.
SOC: detect unauthorized SNMP exposure.
Noob Hackers
08

Enumeration & Network Vulnerabilities

Topic 3 : Application/Service Enumeration: SNMP, Webapps
Command: curl -I [Link]

WHAT IT DOES:

Web Header Enumeration Fetches only the HTTP headers (no body). Reveals server type, framework, and security headers. Quick way
to profile a web app.

FLAGS:

curl — command-line web client.

-I — fetch headers only (HEAD request).

SAMPLE OUTPUT:

HTTP/1.1 200 OK
Date: Wed, 29 Oct 2025 [Link] GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: PHP/7.0.33
Set-Cookie: sessionid=abc123 CYBER SECURITY CLASSES
Join: 9113948054
By Noob Hackers

INDUSTRY USE:

Web pentesting: identify tech stack (PHP, [Link], etc.).

Blue team: check for missing security headers (CSP, HSTS).
Bug bounty: early fingerprint before scanning.
Noob Hackers
09

Enumeration & Network Vulnerabilities

Topic 3 : Application/Service Enumeration: SNMP, Webapps
Command: nikto -h [Link]

WHAT IT DOES:

Web Vulnerability Scan Performs automated vulnerability scan of webserver — checks for outdated software, default files, insecure
headers, known exploits.

FLAGS:

-h — target host, -p — specify ports, -output [Link] — save output, -C all — check all potential config issues.

SAMPLE OUTPUT:

+ Server: Apache/2.4.18 (Ubuntu)

+ Retrieved x-powered-by header: PHP/7.0.33
+ The anti-clickjacking X-Frame-Options header is not present.
+ /phpmyadmin/: phpMyAdmin directory found
+ /[Link]: Potentially sensitive backup file found. CYBER SECURITY CLASSES
Join: 9113948054
By Noob Hackers

INDUSTRY USE:

Red team / bounty: fast surface-level vuln discovery.

Blue team: verify hardening baseline.
Auditors: compliance scans.
Noob Hackers
10

Enumeration & Network Vulnerabilities

Topic 3 : Application/Service Enumeration: SNMP, Webapps
Command: gobuster dir -u [Link] -w [Link]

WHAT IT DOES:

Directory Brute Force Brute-forces web directories using a wordlist. Helps find hidden admin panels, uploads, config files, etc.

FLAGS:

dir — directory brute mode, -u — target URL, -w — path to wordlist.

SAMPLE OUTPUT:

/admin (Status: 301)

/[Link] (Status: 200)
/uploads (Status: 403)
/[Link] (Status: 200)
CYBER SECURITY CLASSES
Join: 9113948054
By Noob Hackers
INDUSTRY USE:

Red team: find forgotten dev directories, backups, APIs.

Websec engineers: verify proper access controls.
Bug bounty: locate juicy endpoints before logic testing.
Noob Hackers
11

Enumeration & Network Vulnerabilities

FINAL CONCLUSION OR STEPS REVISED: 4. SNMP CHECK:

1. PERFORM HOST DISCOVERY: snmpwalk -v2c -c public [Link]

nmap -sn [Link]/24 Look for system OIDs, device details, interface list.

What to record: live IPs. 5. WEB ENUMERATION:

2. QUICK TCP PORT SCAN ON A FOUND HOST: curl -I [Link]

nmap -sS -p- -T4 [Link] -oN ports_20.txt gobuster dir -u [Link] -w /usr/share/wordlists/dirb/common

Record: open ports and services. nikto -h [Link]

3. SERVICE/VERSION DETECTION: Find hidden admin pages/backups.

nmap -sV -p22,80,139,445 [Link] -oN EXPECTED FINDINGS:

scans/service_20.txt
[Link] SMB shares: SharedDocs (RO), Backups (RW) — Backups a
Identify versions to research CVEs. file write.
SNMP public reveals device info and uptime.
Web server contains /admin and /[Link] accessible.

CYBER SECURITY CLASSES

Join: 9113948054
By Noob Hackers
Noob Hackers

MODULE 4 COMPLETED
CYBER SECURITY CLASSES
Join: 9113948054
By Noob Hackers

Network Enumeration & Vulnerability Guide
No ratings yet
Network Enumeration & Vulnerability Guide
7 pages
Kali Linux Cheat Sheet for Pen Testers
100% (1)
Kali Linux Cheat Sheet for Pen Testers
23 pages
SNMP Enumeration and Tools Overview
No ratings yet
SNMP Enumeration and Tools Overview
31 pages
Netdiscover Commands for Kali Linux
No ratings yet
Netdiscover Commands for Kali Linux
9 pages
Ejpt Notes
No ratings yet
Ejpt Notes
86 pages
OSEP Workshop: Boot to Root Guide
No ratings yet
OSEP Workshop: Boot to Root Guide
84 pages
Enumeration Techniques in Cybersecurity
No ratings yet
Enumeration Techniques in Cybersecurity
21 pages
SMBMap Command Usage for Enumeration
No ratings yet
SMBMap Command Usage for Enumeration
2 pages
SMB Enumeration Guide with Kali Linux
No ratings yet
SMB Enumeration Guide with Kali Linux
13 pages
Enumeration Techniques in Ethical Hacking
No ratings yet
Enumeration Techniques in Ethical Hacking
26 pages
Enumeration Techniques in Cybersecurity
No ratings yet
Enumeration Techniques in Cybersecurity
13 pages
SNMP Brute Force Penetration Testing
No ratings yet
SNMP Brute Force Penetration Testing
25 pages
Enumeration Techniques for Network Security
No ratings yet
Enumeration Techniques for Network Security
19 pages
Penetration Testing Tools Cheat Sheet
100% (2)
Penetration Testing Tools Cheat Sheet
35 pages
Ceh Practical
No ratings yet
Ceh Practical
5 pages
Enumeration Techniques for Cybersecurity
No ratings yet
Enumeration Techniques for Cybersecurity
23 pages
Enumeration Techniques in Cybersecurity
No ratings yet
Enumeration Techniques in Cybersecurity
29 pages
Ethical Hacking: Enumeration Techniques
No ratings yet
Ethical Hacking: Enumeration Techniques
34 pages
Network Enumeration Techniques Explained
No ratings yet
Network Enumeration Techniques Explained
14 pages
Cybersecurity Tools and Techniques Guide
No ratings yet
Cybersecurity Tools and Techniques Guide
36 pages
Enumeration Techniques in Penetration Testing
No ratings yet
Enumeration Techniques in Penetration Testing
15 pages
Linux Command Cheat Sheet for Security
100% (1)
Linux Command Cheat Sheet for Security
2 pages
Enumeration Techniques in Ethical Hacking
No ratings yet
Enumeration Techniques in Ethical Hacking
25 pages
Comprehensive OSCP Preparation Notes
No ratings yet
Comprehensive OSCP Preparation Notes
14 pages
Penetration Testing Tools Overview
100% (1)
Penetration Testing Tools Overview
39 pages
SNMP, SMB, NetBIOS Enumeration
No ratings yet
SNMP, SMB, NetBIOS Enumeration
4 pages
OSCP Cheat Sheet
No ratings yet
OSCP Cheat Sheet
19 pages
SNMP Enumeration Countermeasures
100% (1)
SNMP Enumeration Countermeasures
31 pages
Understanding SMB Protocol and Enumeration
No ratings yet
Understanding SMB Protocol and Enumeration
11 pages
CEHv13 M4
No ratings yet
CEHv13 M4
9 pages
Enumeration Techniques and Examples
No ratings yet
Enumeration Techniques and Examples
34 pages
CEH Practical Exam Cheat Sheet Guide
No ratings yet
CEH Practical Exam Cheat Sheet Guide
6 pages
Comprehensive Network Scanning Guide
No ratings yet
Comprehensive Network Scanning Guide
5 pages
SEO Guide for Information Gathering Techniques
No ratings yet
SEO Guide for Information Gathering Techniques
41 pages
Enumeration Techniques and Tools Guide
No ratings yet
Enumeration Techniques and Tools Guide
200 pages
Ceh
No ratings yet
Ceh
19 pages
PenTesting Methodology: Nmap & OSINT Tools
No ratings yet
PenTesting Methodology: Nmap & OSINT Tools
22 pages
Enumeration Techniques and Tools Guide
No ratings yet
Enumeration Techniques and Tools Guide
31 pages
A Nice OSCP Cheat Sheet
50% (2)
A Nice OSCP Cheat Sheet
12 pages
Network Scanning and Hacking Techniques
No ratings yet
Network Scanning and Hacking Techniques
2 pages
Kali Linux Commands Overview
100% (1)
Kali Linux Commands Overview
3 pages
Kali Linux Command Cheat Sheet
100% (2)
Kali Linux Command Cheat Sheet
2 pages
PenTest Cheatsheet
No ratings yet
PenTest Cheatsheet
21 pages
Enumeration Tools for CEH Exam Prep
No ratings yet
Enumeration Tools for CEH Exam Prep
2 pages
Enumeration Techniques in Penetration Testing
No ratings yet
Enumeration Techniques in Penetration Testing
20 pages
Enumeration Techniques and Tools Guide
No ratings yet
Enumeration Techniques and Tools Guide
133 pages
Active Information Gathering Techniques
No ratings yet
Active Information Gathering Techniques
12 pages
Enumeration Techniques in Ethical Hacking
No ratings yet
Enumeration Techniques in Ethical Hacking
20 pages
Chapter 4
No ratings yet
Chapter 4
52 pages
Enumeration EH A
No ratings yet
Enumeration EH A
35 pages
HTB Labs VPN Connection Guide
No ratings yet
HTB Labs VPN Connection Guide
64 pages
Final Expln
No ratings yet
Final Expln
13 pages
CEHv9 Module 04 Enumeration
No ratings yet
CEHv9 Module 04 Enumeration
45 pages
Enumeration Techniques for Penetration Testing
No ratings yet
Enumeration Techniques for Penetration Testing
4 pages
Ethical Hacking: Scanning Techniques Guide
No ratings yet
Ethical Hacking: Scanning Techniques Guide
25 pages
SMB Enumeration Techniques and Tools
No ratings yet
SMB Enumeration Techniques and Tools
11 pages
Network Enumeration Techniques Overview
No ratings yet
Network Enumeration Techniques Overview
1 page
Module04 Enumeration
No ratings yet
Module04 Enumeration
1 page
UNIT 1.3 - Last
No ratings yet
UNIT 1.3 - Last
19 pages
Reconnaissance Techniques in Cybersecurity
No ratings yet
Reconnaissance Techniques in Cybersecurity
42 pages
AI Integration in Indian Education 2025
No ratings yet
AI Integration in Indian Education 2025
14 pages
PM SHRI Tactical Decision Analysis
No ratings yet
PM SHRI Tactical Decision Analysis
14 pages
India-U.S. Defence Pact Analysis 2025
No ratings yet
India-U.S. Defence Pact Analysis 2025
15 pages
Decline of Maoist Insurgency in India
No ratings yet
Decline of Maoist Insurgency in India
13 pages
Daily News Highlights: Nov 7, 2025
No ratings yet
Daily News Highlights: Nov 7, 2025
2 pages
Maoist Insurgency Trends in India 2025
No ratings yet
Maoist Insurgency Trends in India 2025
13 pages
9-Month Cybersecurity Learning Path
No ratings yet
9-Month Cybersecurity Learning Path
10 pages
Network System Administration Guide
No ratings yet
Network System Administration Guide
75 pages
Digital Evidence MCQs and Answers
No ratings yet
Digital Evidence MCQs and Answers
27 pages
Smart Office IoT Availability Model Analysis
No ratings yet
Smart Office IoT Availability Model Analysis
6 pages
Cybersecurity Risk Management Guide
No ratings yet
Cybersecurity Risk Management Guide
29 pages
2025 Threat Detection Executive Summary
No ratings yet
2025 Threat Detection Executive Summary
12 pages
Understanding Cyber Crime Dynamics
No ratings yet
Understanding Cyber Crime Dynamics
32 pages
Secure Development & Deployment Principles
No ratings yet
Secure Development & Deployment Principles
13 pages
Automotive Cyberthreat Landscape Report 2023
No ratings yet
Automotive Cyberthreat Landscape Report 2023
33 pages
Huawei ATU-L31 Software Release Notes
No ratings yet
Huawei ATU-L31 Software Release Notes
16 pages
Offenso Interview Qns.
No ratings yet
Offenso Interview Qns.
13 pages
VPNs, Cybersecurity, and Information Security Insights
No ratings yet
VPNs, Cybersecurity, and Information Security Insights
5 pages
Cybersecurity Overview and Strategies
No ratings yet
Cybersecurity Overview and Strategies
2 pages
Ethical Hacking: Key Concepts & Careers
No ratings yet
Ethical Hacking: Key Concepts & Careers
6 pages
Shikhar CV
No ratings yet
Shikhar CV
3 pages
Industrial IoT Exam Guide 2023
No ratings yet
Industrial IoT Exam Guide 2023
23 pages
System Security Assessment Guide
No ratings yet
System Security Assessment Guide
7 pages
Understanding the Cyber Kill Chain
No ratings yet
Understanding the Cyber Kill Chain
26 pages
vPenTest: Automated PenTesting for MSPs
No ratings yet
vPenTest: Automated PenTesting for MSPs
15 pages
Penetration Tester Resume - Pavan Mitta
No ratings yet
Penetration Tester Resume - Pavan Mitta
2 pages
Seeker
No ratings yet
Seeker
2 pages
Sophos Wireless Network Penetration Testing
No ratings yet
Sophos Wireless Network Penetration Testing
2 pages
January 2025 Threat Intel Report
No ratings yet
January 2025 Threat Intel Report
16 pages
Zscaler ZDTA Certification Test Insights
No ratings yet
Zscaler ZDTA Certification Test Insights
54 pages
Secure AI Lifecycle Framework Guide
100% (1)
Secure AI Lifecycle Framework Guide
41 pages
Cyber Threats vs. Vulnerabilities Explained
No ratings yet
Cyber Threats vs. Vulnerabilities Explained
83 pages
Ccs 344 - Ethical Hacking (R-21)
No ratings yet
Ccs 344 - Ethical Hacking (R-21)
2 pages
FURNI Web App Security Assessment Report
No ratings yet
FURNI Web App Security Assessment Report
14 pages
Tenable Vulnerability Management Guide
100% (1)
Tenable Vulnerability Management Guide
1,682 pages
Comprehensive Cybersecurity Services Overview
No ratings yet
Comprehensive Cybersecurity Services Overview
4 pages