
Enumeration: Introduction

 




Hey everyone! It's incredible to hear back from so many of you already. 4 blog posts in, I can already feel the love. 

I did go back this week and add a disclaimer to all posts. First, I wanted to ensure that folks are being careful with using the skills within the resources. Second, I just wanted to explain that this entire series is really about learning topics thoroughly, however you need to learn. As someone who is a multimodal learner, I'm actually using the resources in these posts to understand these topics as fully as I can.


Let's get into enumeration. Taking directly from the company RedTeam Security, "Enumeration is the method that a penetration tester uses to identify information about in-scope assets. A pen tester will use an automated process to identify all active IP addresses within the scope and some limited information about those devices, such as type and operating system version. This information is then used for further automated and manual testing. Enumeration can happen several times within a single pen test on different parts of a network. A bad actor will also use enumeration to identify systems to compromise." Directly after this blog I'll move into the various types of enumeration in the next posts, which include:

NetBIOS enumeration
SNMP enumeration
LDAP enumeration
NTP enumeration
SMTP enumeration
DNS enumeration
Windows enumeration
UNIX/Linux enumeration


For now, let's learn the basics about what to expect within the enumeration step, broken down into those 4 main learning styles.


Visual:

I really liked this video and subscribed to this channel because of his ability to teach visually. Some of the videos are a little bit older, so just keep in mind that some of the technology might have changed, but it looks like the methodologies are still legit.


In looking for other resources for visual, I realized that this 9-minute clip satisfied the basics of the topic for me. If you feel you need more, try googling things like "pentesting enumeration flow chart" or "enumeration security white board" and see what you come up with!

PS if you are really digging the whiteboarding, here's a bookmark for you - SANS Poster - White Board of Awesome Command Line Kung Fu


Aural:

There are some great videos here. I did find HackerSploit's really easy to listen to, found here:


Also, because I do love me some TCM Security & try to include them whenever possible, here is their web app Enumeration video. It is short and sweet (take notes on it):

I have also completed TCM's Practical Ethical Hacking - The Complete Course and the enumeration section in there was great to listen to & take notes on. 

Read/Write:

One of the easiest readings I digested about enumeration was written by Raghu Chakravartula, simply titled "What is enumeration? [updated 2021]". 
If you read this and find that you don't understand definitions, take your time to backpedal and get familiar with the terms within the classifications. This article and the few I'll tack on below are solid places to create definition note cards from. Remember that learners that read and learn well also benefit from the writing section, so either write out paper cards or type up cards online. This Quizlet deck exists, but you might cut yourself short if you don't write this stuff out yourself.

Other great read/write resources:


Kinesthetic: 

TryHackMe has 4 pages that hit on the term "enumeration"; I pulled out 3 here as they were obviously directly about the topic.


The next blog posts will come out in the succession of the list above! Please leave any comments you might have or questions on my LinkedIn post. 



Disclaimer:  Understanding that this industry is already filled with educational content, the writer of this blog intends for this series to be utilized by learners who are looking to find resources for said topics. The content within these resources should be used with caution and common sense, taking note to understand the applicable laws of the reader's location. This is a personal blog of which any opinions or ideas expressed are of the owner/writer and not of any association they are affiliated with. To reach the writer of this blog, please find them on LinkedIn. When sharing this content with your own community it is asked that credit be given. Before reposting as a blog, please seek permission from the author. 
