massh-enum

LSE toolsLSE toolsmassh-enum (378)massh-enum (378)

Tool and Usage

Project details

Year of inception
License
GPLv3
Programming languages
Python, shell script
Author
Michał Żurawski
Latest release
1.0
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. This can be useful during penetration tests or security assessments. The usernames can be valuable to brute-force or may be used on different locations within a network.

How it works

Massh-enum uses a small Python library by Matthew Daley to connect to SSH and test if a username is valid. This testing is done using a predefined wordlist or one that is specified using the --users parameter.

Usage and audience

massh-enum is commonly used for information gathering or user enumeration. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

./bin/massh-enum --hosts 10.240.20.0/28 --users wordlists/users
› Generating a list of hosts
› Username Enumeration
host: 10.240.20.1 (p:22), found user: root
host: 10.240.20.1 (p:22), found user: supervisor
host: 10.240.20.2 (p:22), found user: root
host: x33con.info (p:22), found user: root

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + Tool is easy to use
  • + The source code of this software is available

Weaknesses

  • - Minimal or no documentation available

Author and Maintainers

Massh-enum is under development by Michał Żurawski.

Installation

Supported operating systems

Massh-enum is known to work on Linux.

massh-enum alternatives

Similar tools to massh-enum:

74

LinEnum

LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.

60

RID_ENUM

RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.

64

DirSearch (Go)

DirSearch is a scanning tool to find directories and files on web applications. It is a remake of the dirsearch tool that was created by Mauro Soria.

All massh-enum alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Definitions

Enumeration
An enumeration is an ordered listing of items in a collection. In the field of information security, it is the retrieval of data lists from systems and applications, like usernames. Similarly, network enumeration is focused on getting all system names on a network.

Categories

This tool is categorized as a system enumeration tool and user enumeration tool.

Related topics