System enumeration tools

Tools

LinEnum (enumeration and privilege escalation)

penetration testing, privilege escalation, system enumeration

LinEnum is one of the tools that can help with automating penetration tests. It performs a discovery on the environment it runs in and tries finding weaknesses to allow privilege escalation.

massh-enum (OpenSSH user enumeration)

information gathering, user enumeration

Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. This can be useful during penetration tests or security assessments. The usernames can be valuable to brute-force or may be used on different locations within a network.

RID_ENUM (Windows RID enumeration)

The RID_ENUM utility (or Rid Enum) performs a cycling attack to attempt retrieving all users from a Windows domain controller. It focuses on retrieving identities from the domain admins group. The attack will work to versions, with Windows 2003 being the latest. This was to ensure compatibility with previous versions of Windows. Windows 2008 and later will not allow this type of enumeration to happen.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.