Enumeration Script

netdiscover -r 192.168.0.0/24

>> Machine Name, IP, MAC (csv file)

Enter name of machine:
Enter ip of the machine:

nMap Fast scan with version

nMap Full scan  with version
    +parse into csv file
      >>Port, Protocol, Version, Details
    >>parse SMB File share into file
    >>parse NFS file share into file

If a website (http or https) exist
    +display ports hosting http/https
    +dirB enumeration -- big!
        >>create dirB file with list of directories
    ?Continue scanning other ports
        
if FTP exist
    +ftp enumeration
    +high level ftp brute-forcing (top 100 passwords per user)
    >>Output of FTP enumeration

if SMTP exist
    +SMTP enumeration
    +high level SMTP brute-forcing (top 100 passwords per user)
    >>Output of SMTP enumeration
    
if SNMP exist
    +SNMP Enum
    +high level SNMP brute-forcing with passphrase
    >>Output of SMTP enumeration

if SQL exist
    +fingerprint SQL server
    +try a few SQL user entries

if SSH exist
    +document

if NFS exist
  +Enumerate and check for vulns
  >>Enumerated NFS checks into separate file
        c

if SMB exist
  +Enumerate and check for vulns
  +SMB brute
    >>Output of SMTP enumerations
  
if SAMBA exist
  +Enumerate and check for vulns
    >>Output of SMTP enumeration

Display full list of users per port, and in total

Machine Name, IP, User, Protocol:Port, Source (where we got Username), Status, Password

Would you like to trigger web-enumeration for port....??

+ nikto scan
  + WP SCAN
+ SQLMAP?
+ OpenVas?

nmap -p21 –script ftp-brute.nse –script-args userdb=/root/Desktop/user.txt,passdb=/root/Desktop/pass.txt 192.168.1.105
nmap -p23 –script telnet-brute.nse –script-args userdb=/root/Desktop/user.txt,passdb=/root/Desktop/pass.txt 192.168.1.105
Nmap –p445 –script smb-brute.nse –script-args userdb=/root/Desktop/user.txt,passdb=/root/Desktop/pass.txt 192.168.1.105
Nmap  -sT -p3306 –script mysql-brute.nse –script-args userdb=/root/Desktop/user.txt 192.168.1.105