Enumeration: A Comprehensive Guide (April 2025)
This course provides an in-depth understanding of **Enumeration**, a critical phase in penetration testing and ethical hacking. Participants will explore various enumeration techniques, tools, and methodologies used to extract valuable information from systems, networks, and services. The course includes practical …
This course provides an in-depth understanding of **Enumeration**, a critical phase in penetration testing and ethical hacking. Participants will explore various enumeration techniques, tools, and methodologies used to extract valuable information from systems, networks, and services. The course includes practical hands-on exercises covering services like NetBIOS, FTP, SSH, MSSQL, VNC, LDAP, and more. By the end, learners will be able to effectively conduct enumeration and implement countermeasures against potential threats
Course Outline:
Module 1: Fundamentals of Enumeration
- What is Enumeration?
- Techniques for Enumeration
- Services and Ports to Enumerate
Module 2: NetBIOS Enumeration
- NetBIOS Enumeration Tools
- Enumerating User Accounts
- Enumerate Systems Using Default Passwords
Module 3: FTP Enumeration
- Banner Grabbing
- TFTP Enumeration
- Metasploit Modules for FTP
Module 4: SSH Enumeration
- Version Scanning
- Banner Grabbing
- Scripts for Enumeration
- Brute-force Techniques
Module 5: MSSQL Enumeration
- Information Gathering
- SQL Users Enumeration
- MSSQL Brute-forcing Techniques
- Interactive Database Shell Usage
Module 6: VNC Enumeration
- Cracking VNC Passwords
- Connecting to VNC Services
Module 7: SNMP Enumeration
- Understanding SNMP (Simple Network Management Protocol)
- How SNMP Works
- Management Information Base (MIB)
- SNMP Enumeration Tools
Module 8: UNIX/Linux Enumeration
- UNIX/Linux Enumeration Commands
- Linux Enumeration Tools
Module 9: LDAP Enumeration
- LDAP Enumeration Tools and Techniques
Module 10: Telnet Enumeration
- Script Scanning Techniques
- Banner Grabbing
- Brute-forcing Telnet
Module 11: Web Enumeration
- HTTP Method Enumeration
- HTTP Basic Authentication
- Checking Running Service Versions
Module 12: MySQL Enumeration
- Basic MySQL Enumeration Commands
- MySQL Brute-forcing Techniques
Module 13: NTP Enumeration
- NTP Enumeration Commands
Module 14: SMTP Enumeration
- SMTP Enumeration Tools and Techniques
Module 15: DNS Enumeration
- DNS Zone Transfer Enumeration using NSLookup
- DNS Enumeration Tools
Module 16: SMB Enumeration
- SMB Enumeration Tools
- Understanding Null Sessions
- Syntax for Null Sessions
- Viewing Shared Resources
Module 17: NFS Enumeration
- Script Scanning for NFS
- Enumerating NFS Shares
- Privilege Escalation using NFS
Module 18: Remote Desktop Enumeration
- Logging in with Known Credentials
- Nmap Scripts for RDP Enumeration
- Brute-force Techniques for RDP
- Adding Users to the RDP Group
Curriculum
- 2 Sections
- 21 Lessons
- 10 Weeks
- DNS Enumeration10
- 1.1DNS Enumeration1 Hour
- 1.2Passive Subdomain Enumeration1 Hour
- 1.3amass1 Hour
- 1.4dnsx1 Hour
- 1.5Internet Archives and Subdomain Enumeration1 Hour
- 1.6Zone Transfer Attack1 Hour
- 1.7Sublist3r – Subdomain Enumeration Tool1 Hour
- 1.8massdns and puredns1 Hour
- 1.9Subdomain Enumeration using wfuzz (VHost Fuzzing)1 Hour
- 1.10Subdomain Takeover1 Hour
- Web Enumeration11
- 2.1HTTP Server Version Detection1 Hour
- 2.2CVE-2019-16278 Exploit (Python Reverse Shell)1 Hour
- 2.3Hack The Box1 Hour
- 2.4Nmap Scan Scripts1 Hour
- 2.5HttpFileServer (HFS) HTTPd 2.3 Exploit1 Hour
- 2.6PHP Version Detection1 Hour
- 2.7Cve-2019-11043 – PHP-FPM Remote Code Execution1 Hour
- 2.8Http Methods1 Hour
- 2.9SickOs 1.2 Machine1 Hour
- 2.10WebDAV Enumeration1 Hour
- 2.11Nmap HTTP NSE Scripts1 Hour
You might be intersted in
-
0 Students
-
16 Weeks
-
40 Students
-
14 Weeks
-
24 Students
-
4 Weeks
-
62 Students
-
15 Weeks