0v3rride / Enum4linuxpy
Licence: gpl-3.0
Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
Stars: ✭ 75
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Enum4linuxpy
Netfabric.hyperlinq
High performance LINQ implementation with minimal heap allocations. Supports enumerables, async enumerables, arrays and Span<T>.
Stars: ✭ 479 (+538.67%)
Mutual labels: enumeration
Dostoevsky Pentest Notes
Notes for taking the OSCP in 2097. Read in book form on GitBook
Stars: ✭ 495 (+560%)
Mutual labels: enumeration
Kernelpop
kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+737.33%)
Mutual labels: enumeration
Rapidscan
🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+933.33%)
Mutual labels: enumeration
Php Enum
Simple and fast implementation of enumerations with native PHP
Stars: ✭ 446 (+494.67%)
Mutual labels: enumeration
Opencvdeviceenumerator
This repository contains a class that allows the enumeration of video and audio devices in order to get the device IDs that are required to create a VideoCapture object inside OpenCV (in Windows).
Stars: ✭ 48 (-36%)
Mutual labels: enumeration
Pxenum
A shell script that automatically performs a series of *NIX enumeration tasks.
Stars: ✭ 30 (-60%)
Mutual labels: enumeration
Bugcrowd Levelup Subdomain Enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+584%)
Mutual labels: enumeration
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+8278.67%)
Mutual labels: enumeration
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+1045.33%)
Mutual labels: enumeration
Privilege Escalation Awesome Scripts Suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Stars: ✭ 7,144 (+9425.33%)
Mutual labels: enumeration
Offport killer
This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.
Stars: ✭ 40 (-46.67%)
Mutual labels: enumeration
Nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+501.33%)
Mutual labels: enumeration
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+913.33%)
Mutual labels: enumeration
Ssrfmap
Simple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (-33.33%)
Mutual labels: enumeration
Awsbucketdump
Security Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+1261.33%)
Mutual labels: enumeration
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+1060%)
Mutual labels: enumeration
Enum4LinuxPy
Everyone's favorite SMB/SAMBA/CIFS enumeration tool rewritten in python.
Why
The original Perl version has a number of outstanding issues that have been open for over a year and have not been addressed. This results in mangled output, errors, etc.
Progress
New flags added:
- -y and -q both obtain domain information about the domain controller if E4lPy is targeting one. Output from -q is less verbose than the -y option. The -y option will display basic information about the DC and the domain which includes the IP of the DC, the domain name, the DC site name and DC flags that tell you if the DC is a PDC, BDC, has DNS enabled, is a KDC, etc.
- -e will enumerate any privileges one has
- -z will enumerate any services running on the remote host (will most likely require privileged credentials)
- --lookupsids will map SIDs to objects via RID cycling (SID --> object/name). Behaves similarly to Impacket's lookupsid.py script.
Options for password spraying and brute forcing have also been added. When performing a password spray, the list of users will be gathered when E4LPy enumerates domain users and local users on the remote target host. Simply provide a password you want to spray with the list of users gathered (--spray July2019!). When bruteforcing, a username of your choice should be specified with the --brute flag along with the absolute path to a wordlist to use (--wordlist <path/to/wordlist.txt>). Also available are --timeout and --randtimeout . For randtimeout, if you specify 120, then E4LPy will choose a random integer anywhere between 0 and 120 and wait after each time it submits a username and password for authentication to the target.
TODO
N/A
Credit for the original Perl version of Enum4Linux goes to Mark Lowe and Portcullis Labs.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].