massh-enum

LSE toolsLSE toolsmassh-enum (228)massh-enum (228)

Tool and Usage

Project details
Inception
LicenseGPLv3
Programming languagesPython, shell script
AuthorMichał Żurawski
Latest release1.0 []

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. This can be useful during penetration tests or security assessments. The usernames can be valuable to brute-force or may be used on different locations within a network.

How it works

Massh-enum uses a small Python library by Matthew Daley to connect to SSH and test if a username is valid. This testing is done using a predefined wordlist or one that is specified using the --users parameter.

Usage and audience

massh-enum is commonly used for information gathering or user enumeration. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

./bin/massh-enum --hosts 10.240.20.0/28 --users wordlists/users
› Generating a list of hosts
› Username Enumeration
host: 10.240.20.1 (p:22), found user: root
host: 10.240.20.1 (p:22), found user: supervisor
host: 10.240.20.2 (p:22), found user: root
host: x33con.info (p:22), found user: root

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + Tool is easy to use
  • + The source code of this software is available

Weaknesses

  • - Minimal or no documentation available

Author and Maintainers

Massh-enum is under development by Michał Żurawski.

Installation

Supported operating systems

Massh-enum is known to work on Linux.

massh-enum alternatives

Similar tools to massh-enum:

74

LinEnum

LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.

60

RID_ENUM

RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.

64

altdns

Altdns is a security tool to discover subdomains during pentesting. Read this review to learn how it works and how to use it.

All massh-enum alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Definitions

Enumeration
An enumeration is an ordered listing of items in a collection. In the field of information security, it is the retrieval of data lists from systems and applications, like usernames. Similarly, network enumeration is focused on getting all system names on a network.

Categories

This tool is categorized as a system enumeration tool and user enumeration tool.

Related terms

OpenSSH