search

Network Enumeration

hashtag
1. Network Interface Configuration

hashtag
1.1 List Network Interfaces, IP, and DNS

Commands:

To retrieve detailed network interface configuration:

ipconfig /all

Description: Displays full configuration details for all network interfaces, including IP addresses, subnet masks, default gateways, and DNS servers.

Output: A comprehensive list of all network interfaces with their configurations.

For a more structured output in PowerShell:

Get-NetIPConfiguration | Format-Table InterfaceAlias, InterfaceDescription, IPv4Address

Description: Formats IP configuration details, displaying interface alias, description, and IPv4 address.

Output: A table showing IP configuration details for each network interface.

To list DNS servers for IPv4:

Get-DnsClientServerAddress -AddressFamily IPv4 | Format-Table

Description: Displays configured DNS server addresses for IPv4.

Output: A table of DNS server addresses by network interface.

hashtag
2. Routing Information

hashtag
2.1 Current Routing Table

Commands:

To view the current routing table:

Description: Displays the routing table with destinations, next hops, and metrics.

Output: A complete view of the routing configuration.

For a structured view in PowerShell:

Description: Formats and displays IPv4 routing table entries.

Output: A table listing routing details for IPv4.

hashtag
3. ARP and Connections

hashtag
3.1 List ARP Table

Command:

Description: Displays the current ARP table, mapping IP addresses to MAC addresses.

Output: A list of IP-to-MAC mappings in the ARP cache.

hashtag
3.2 List Current Connections

Command:

Description: Shows all active network connections and listening ports with their associated process IDs (PIDs).

Output: A detailed list of connections, including protocol, local and foreign addresses, connection state, and PID.

hashtag
4. Network Shares

hashtag
4.1 List Network Shares

Command:

Description: Lists all shared resources on the local system.

Output: Displays share names, paths, and additional settings.

For domain-specific shares using PowerShell:

Description: Finds shared resources within a specified domain.

Output: Lists domain-specific shared resources.

hashtag
5. SNMP Configuration

hashtag
5.1 SNMP Settings

Command:

To check SNMP configuration in the Windows Registry:

Description: Queries SNMP service settings in the registry.

Output: Displays SNMP configuration, including community strings and permissions.

For a detailed PowerShell view:

Description: Retrieves all SNMP-related registry keys and values recursively.

Output: A detailed view of SNMP configuration settings.

PreviousUser EnumerationNextAntivirus Enumeration

Last updated