Tool and Usage
|Programming languages||Python, shell script|
|Latest release||1.0 |
Why this tool?
Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. This can be useful during penetration tests or security assessments. The usernames can be valuable to brute-force or may be used on different locations within a network.
How it works
Massh-enum uses a small Python library by Matthew Daley to connect to SSH and test if a username is valid. This testing is done using a predefined wordlist or one that is specified using the --users parameter.
Usage and audience
massh-enum is commonly used for information gathering or user enumeration. Target users for this tool are pentesters and security professionals.
- Command line interface
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code is easy to read and understand
- + Tool is easy to use
- + The source code of this software is available
- - Minimal or no documentation available
Supported operating systems
Massh-enum is known to work on Linux.
Similar tools to massh-enum:
LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.
RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.
Altdns is a security tool to discover subdomains during pentesting. Read this review to learn how it works and how to use it.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
- An enumeration is an ordered listing of items in a collection. In the field of information security, it is the retrieval of data lists from systems and applications, like usernames. Similarly, network enumeration is focused on getting all system names on a network.