Service Enumeration Flow

How to approach service enumeration

Footprinting

Mind Map

graph TD
    A[Port Scan Results] --> B{Service Type}
    B --> C[Web Service]
    B --> D[SMB/Windows]
    B --> E[SSH/Linux]
    B --> F[Database]
    C --> G[Nikto/Dirbusting]
    D --> H[enum4linux/smbmap]
    E --> I[Banner Grab/Brute]
    F --> J[Default Creds/Injection]

Quick Reference

DNS

dig axfr @ns.domain.com domain.com # Attempt a DNS zone transfer (AXFR) against the authoritative nameserver
dnsenum domain.com # Enumerate DNS records (A, MX, NS) and subdomains
subfinder -d domain.com # Passive subdomain enumeration from public sources

SMB

smbclient -L //10.10.10.5 -N # List shares with null session
smbmap -H 10.10.10.5 # Map shares and permissions
enum4linux -a 10.10.10.5 # Run all enumeration checks (users, shares, groups)

SNMP

snmpwalk -v2c -c public 10.10.10.5 # Walk MIB tree with community string 'public'
onesixtyone -c community.txt 10.10.10.5 # Brute force community strings

NFS

showmount -e 10.10.10.5 # List exported NFS shares and the hosts allowed to mount them
mount -t nfs 10.10.10.5:/share /mnt # Mount the export locally (requires root; /mnt is the local mount point)