The most important step in hacking - Enumeration

This page summarizes the projects mentioned and recommended in the original post on dev.to

Scout Monitoring - Free Django app performance insights with Scout Monitoring
Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
www.scoutapm.com
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
  • netdiscover

    Netdiscover, ARP Scanner (official repository)

  • Net Discover

  • Scout Monitoring

    Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

    Scout Monitoring logo
  • IPRanger

  • IP Ranger

  • BloodHound

    Six Degrees of Domain Admin

  • Can help us enumerate which devices are on a network using ICMP packets (pings) or ARP. Some specialised tools such as Bloodhound may help us enumerate networks using Active Directory.

  • PyRCON

    Menu based python recon tool

  • We can see there are 5 ports open. We may be able to exploit the HTTP service on port 80 or gain access to SSH on port 20. Port scanning can be slow, tools such as PyRCON and Rust Scanner may help us speed up this process. Typically this isn't necessary but in a KOTH or battlegrounds game, we can't spare the time.

  • RustScan

    🤖 The Modern Port Scanner 🤖

  • We can see there are 5 ports open. We may be able to exploit the HTTP service on port 80 or gain access to SSH on port 20. Port scanning can be slow, tools such as PyRCON and Rust Scanner may help us speed up this process. Typically this isn't necessary but in a KOTH or battlegrounds game, we can't spare the time.

  • Uniscan

    Uniscan web vulnerability scanner

  • UniScan

  • WhatWeb

    Next generation web scanner

  • whatweb

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

  • Specialised tools can be used, for example WPScan. Allowing us to enumerate the wordpress CMS.

  • Sublist3r

    Fast subdomains enumeration tool for penetration testers

  • In a real-world scenario. You're likely to come across a target with more than one domain, each having it's own subdomains. There's plenty of tools that you can use to discover these. Again, PyRCON offers some options for this but I like tools such as sublist3r and publicly available records such as security trials.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Error while using Evillimmiter

    4 projects | /r/Hacking_Tutorials | 18 May 2022
  • a program like Netcut , but free for pc

    2 projects | /r/software | 30 Dec 2021
  • Any software to limit wifi speed for people in my house?

    1 project | /r/software | 29 Dec 2020
  • Open-Source Detector of CISA's Known Exploitable Vulnerabilities

    8 projects | news.ycombinator.com | 15 Jan 2024
  • RustScan – The Modern Port Scanner

    1 project | news.ycombinator.com | 25 Aug 2023