Kaiser784's Blog
Enumeration

Information Gathering and Footprinting & Scanning

whois

whois foo.bar

subdomains

sublist3r -d foo.bar

ping sweeps

fping -a -g 10.10.10.0/24
nmap -sS -n 10.10.10.0/24

Nmap

OS Fingerprinting

nmap -Pn -A -O 10.10.10.10

Quick scan

nmap -sC -sV -A -T4 10.10.10.10 --open

Full scan

nmap -sC -sV -A -T4 -p- 10.10.10.10 --open

Last updated 3 years ago
