Ethical Hacking : Enumeration

This phase Enumeration is done after scanning. As in scanning the hacker collects information about the active targets, ports, services etc.

It is this phase where the hacker will make active connections to the target system and then try collecting more details information using queries etc. The goal is to get more details information about the target that needs to be compromised.

Information such as, usernames, machine names, share paths etc are collected in this phase. The attacker access possible open share files mainly the remote IPC share which can be accessed using IPC$ in Windows.

The information that is enumerated by the attacker is :

  • Users and Groups
  • Networks and shared paths
  • Hostnames
  • Route Tables
  • Service Settings
  • SNMP port scanning and DNS Details
  • Applications and Banners

Lets start with Some Enumeration tools of Ethical Hacking


You can use the net user command to create and modify user accounts on computers. When you use this command without command-line switches, the user accounts for the computer are listed. The user account information is stored in the user accounts database. This command works only on servers.

To run the net user command tool, using the WinX menu, open a Command Prompt, type net user and hit Enter. This will show you the user accounts on the computer. Thus, when you use net user without parameters, it displays a list of the user accounts on the computer.

Ethical Hacking: Enumeration


This Windows Server Net Accounts command updates user account policies for password requirements. As with all Net commands, you must access a command prompt and be logged on to an account with network administration permissions.

Ethical Hacking: Enumeration


MS-DOS utility that displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP), which allow the user to troubleshoot NetBIOS name resolution issues.

Normally, name resolution is done when NetBIOS over TCP/IP is functioning correctly. It does this through local cache lookup, WINS or DNS server query or through LMHOSTS or Hosts lookup.

Ethical Hacking: Enumeration


Displays a list of domains, computers, or resources that are being shared by the specified computer. Used without parameters, net view displays a list of computers in your current domain.

Ethical Hacking: Enumeration


It is a penetrating tool created to gather information related to DNS entries about the domains. Dnsenum is a tool for DNS enumeration, which is the process of locating all DNS servers and DNS entries for an organization.

How to Information Gathering and Enumunerate by dnsenum

How to Information Gathering and Enumunerate by dnsenum


we will learn how to gather DNS information about all the subdomains of a web application or website using DNSMAP network mapper tool. DNSMAP is basically an sub domain mapping tool which gives all the subdomains, their corresponding IPv4 IP address and IPv6 IP address as output.

Subdomains Enumaration | Information Gathering of Website - Dnsmap

Subdomains Enumaration | Information Gathering of Website - Dnsmap


This program offers network visualization, administration, monitoring, scanning, inventory, ping and visual traceroute.

DNS Enumeration Script - DNSRecon

DNS Enumeration Script - DNSRecon


It is a tool which provides us information about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server. This is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.

TheHarvester Email and Domain Scanning from Google,Bing,PGP,LinkedIn

TheHarvester Email and Domain Scanning from Google,Bing,PGP,LinkedIn


URLCrazy is a tool written by Andrew Horton. Its purpose is to generate and test domain types, and variations to detect and perform typo squatting, URL Hijacking, phishing, and corporate espionage. It is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Scanning - Third Step Of Ethical Hacking

Website Dns analysis Information Gathering - UrlCrazy


A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.

Scanning - Third Step Of Ethical Hacking

Auto Scanning to SSL Vulnerability - A2SV

I hope you enjoyed this article.

Sharing is caring


About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (

You may also like :-

Leave a Comment

Your email address will not be published. Required fields are marked *

Reader Comments [1]

birkin bag

I must convey my appreciation for your kindness in support of visitors who have the need for help on that matter. Your special commitment to passing the solution all-around became exceedingly advantageous and have specifically helped people like me to realize their desired goals. Your personal interesting recommendations denotes so much a person like me and far more to my fellow workers. Thanks a lot; from each one of us.



Stay Connected

Popular Posts

Get Latest Stuff Through Email

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..