A penetration tester discovers that a target Windows system has port 445 open and responds to SMB requests. Which tool should the tester use to enumerate users, shares, and OS information from this system?
Trap 1: Nikto
Nikto is a web vulnerability scanner, not for SMB.
Trap 2: Hydra
Hydra is for password brute-forcing, not enumeration.
Trap 3: Nmap
Nmap scans ports but does not perform detailed SMB enumeration.
- A
Nikto
Why wrong: Nikto is a web vulnerability scanner, not for SMB.
- B
Hydra
Why wrong: Hydra is for password brute-forcing, not enumeration.
- C
Nmap
Why wrong: Nmap scans ports but does not perform detailed SMB enumeration.
- D
enum4linux
Correct: enum4linux extracts SMB information like users, shares, and OS details.