Show Menu

Enumeration Cheat Sheet by

This should get you up and running and start your enumeration journey


nmap 192.16­8.1.1
Scan a single IP
nmap 192.16­8.1.1-254
Scan IP range
nmap 192.16­8.1.0/24
Scan a network
nmap 192.16­8.1.1 -sV
Attempts to determine the version of the service running on port
nmap 192.16­8.1.1 -A
Enables OS detection, version detection, script scanning, and traceroute
nmap 192.16­8.1.1 -sT
TCP connect port scan (Default without root privilege)
nmap 192.16­8.1.1 -sU
UDP port scan


Gobuster is a tool used to brute-­force:
 ­ ­-URIs (direc­tories and files) in web sites.
 ­ -DNS subdomains (with wildcard support).
 ­ ­-Vi­rtual Host names on target web servers.
DIR mode
To find direct­ories and files.
gobuster dir -u <ur­l> -w <wo­rdl­ist­_fi­le.t­xt> -x <fi­le_­ext­ens­ion­s>
vhost mode
Check if subdomain exists by visiting url and verifying the IP address.
gobuster vhost -v -w <wo­rdl­ist.tx­t> -u <ur­l> -o <ou­tpu­t_f­ile.tx­t>
DNS mode
To find subdomains in a specific domain.
gobuster dns -d <do­mai­n> -w <wo­rd_­lis­t.t­xt> -i
-k to skip SSL verifi­cation


helpfull linux commands
connect to remote host
 ssh userna­me@­server Ex. ssh root@1­92.1­68.1.250
search for files in a directory hierar­chy
find file in the current directory
 ­find . -name test
find files with certain permission
 ­find . -perm 664
search words in file
 ­grep "­lit­era­l_s­tri­ng" filename
you can redirect the output of a command to the input of an other command
 cat file | wc -l get number of lines in file
output redire­ction
you can redirect the output to file
 ­echo 'hello there' > file

Help Us Go Positive!

We offset our carbon usage with Ecologi. Click the link below to help us!

We offset our carbon footprint via Ecologi


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.