Show Menu

Enumeration Cheat Sheet by

This should get you up and running and start your enumeration journey


nmap 192.16­8.1.1
Scan a single IP
nmap 192.16­8.1.1-254
Scan IP range
nmap 192.16­8.1.0/24
Scan a network
nmap 192.16­8.1.1 -sV
Attempts to determine the version of the service running on port
nmap 192.16­8.1.1 -A
Enables OS detection, version detection, script scanning, and traceroute
nmap 192.16­8.1.1 -sT
TCP connect port scan (Default without root privilege)
nmap 192.16­8.1.1 -sU
UDP port scan


Gobuster is a tool used to brute-­force:
 ­ ­-URIs (direc­tories and files) in web sites.
 ­ -DNS subdomains (with wildcard support).
 ­ ­-Vi­rtual Host names on target web servers.
DIR mode
To find direct­ories and files.
gobuster dir -u <ur­l> -w <wo­rdl­ist­_fi­le.t­xt> -x <fi­le_­ext­ens­ion­s>

vhost mode
Check if subdomain exists by visiting url and verifying the IP address.
gobuster vhost -v -w <wo­rdl­ist.tx­t> -u <ur­l> -o <ou­tpu­t_f­ile.tx­t>

DNS mode
To find subdomains in a specific domain.
gobuster dns -d <do­mai­n> -w <wo­rd_­lis­t.t­xt> -i
-k to skip SSL verifi­cation


helpfull linux commands
connect to remote host
ssh userna­me@­server
ssh root@1­92.1­68.1.250

search for files in a directory hierarchy
find file in the current directory
find . -name test

find files with certain permission
find . -perm 664

search words in file
grep "­lit­era­l_s­tri­ng" filename

you can redirect the output of a command to the input of an other command
cat file | wc -l 
get number of lines in file
output redire­ction
you can redirect the output to file
echo 'hello there' > file


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.