Enumeration extracts info about:
– resources or shares on the network
– usernames or groups assigned on the network
– last time the user has logged on
– user’s password

Tools: NBT Scan, NBTstat, netview

CVE number is the vulnerability mitre.org has their list

Below, is a part of the final project, but I’ll just put here as test subject.

Also, I got the users list in jo1.pentest.id by using wpscan.

Port scanning and footprinting

• finding open ports
• determining what OS being used (need to install different vmware first, oracle’s VM virtual box is not working properly)

For now, I’m using nmap as my tool for port scanning and pentest.id as target . Another alternative for nmap is zenmap which the GUI version. For some reason, nmap takes a while.

Port Scanning example:

Below is one of the nmap tools, it is fast because I only told nmap to find open ports only.