The most important step in hacking - Enumeration

This page summarizes the projects mentioned and recommended in the original post on dev.to

  • GitHub repo netdiscover

    Netdiscover, ARP Scanner (official repository)

    Net Discover

  • GitHub repo IPRanger

    IP Ranger

  • GitHub repo BloodHound

    Six Degrees of Domain Admin

    Can help us enumerate which devices are on a network using ICMP packets (pings) or ARP. Some specialised tools such as BloodHound may help us enumerate networks using Active Directory.

  • GitHub repo PyRCON

    Menu based python recon tool

    We can see there are 5 ports open. We may be able to exploit the HTTP service on port 80 or gain access to SSH on port 20. Port scanning can be slow; tools such as PyRCON and Rust Scanner may help us speed up this process. Typically this isn't necessary, but in a KOTH or battlegrounds game, we can't spare the time.

  • GitHub repo RustScan

    🤖 The Modern Port Scanner 🤖

    We can see there are 5 ports open. We may be able to exploit the HTTP service on port 80 or gain access to SSH on port 20. Port scanning can be slow; tools such as PyRCON and Rust Scanner may help us speed up this process. Typically this isn't necessary, but in a KOTH or battlegrounds game, we can't spare the time.

  • GitHub repo Uniscan

    Uniscan web vulnerability scanner

    UniScan

  • GitHub repo WhatWeb

    Next generation web scanner

    whatweb

  • GitHub repo wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.

    Specialised tools can be used, for example WPScan, allowing us to enumerate the WordPress CMS.

  • GitHub repo Sublist3r

    Fast subdomains enumeration tool for penetration testers

    In a real-world scenario, you're likely to come across a target with more than one domain, each having its own subdomains. There are plenty of tools that you can use to discover these. Again, PyRCON offers some options for this, but I like tools such as sublist3r and publicly available records such as SecurityTrails.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
