Top Three Linux Enumeration Tools (2024)

  • Home
  • /
  • Top Three Linux Enumeration Tools (2024)

Share

Enumeration tool

PSPY

PSPY is a tool which allows obtaining processes information without having root privileges. With PSPY commands can be executed by other users, cron jobs etc. The information obtained on the screen with different colours, details such as time, date, UID, PID. Sensitive information can be obtained only with permissions. This helps to get root access on numerous systems.

 

How PSPY works?

Pspy obtains the information of the processes in procfs (Linux process files system). The inotify API is used, which does not need root permissions. With this API, we can get notifications when a file is created, altered or deleted. Pspy monitors with the notify 

API the contents of the system /proc folder to try to capture the processes that are created.
Some useful commands are,
● –help: To see all the flags present and their definition
● -p: Enables printing commands to stdout.
● -f: Enables printing file system events to stdout.
● -r: List of directories to watch with Inotify. pspy will watch all subdirectories recursively (by default, watches /usr, /tmp, /etc, /home, /var, and /opt).
● –debug: Prints verbose error messages which are otherwise hidden.

Enum4Linux

Enum4linux is a tool for enumerating data from Windows and other Linux Operating System. It is written in Perl and is a wrapper around the Samba tools smbclient, rpclient, net and nmblookup.
Some key features are:
RID cycling
User listing
Listing of group membership information
Share enumeration
Detecting if host is in a work group or a domain
Identifying the remote operating system
Password policy retrieval

Some useful commands are:
● -U : To view the users on the system.
● -S : To view the info on the shares on the system.
● -P : To view the password policy on the system.
● -o : Info on the operating system.

LinEnum 

LinEnum is a basic script that automates Local Linux Enumeration & Privilege Escalation checks. It performs over 65 checks and get kernel information to locate possible escalation points such as SUID/GUID files and Sudo/rhost mis-configurations. The script use a provided keyword to search through *.conf and *.log files. Any matches will be displayed along with the full file path and line number on which the keyword was identified. Usage: ./LinEnum.sh on the target machine.

Picture of Ammar Bin Vahab

Ammar Bin Vahab

Ammar Bin Vahab is a Penetration Testing Professional with 3+ years of experience. He is also an expert cybersecurity consultant with a proven track record of success in the information technology and services industries. Competent in information gathering, vulnerability assessment, Incident Response, Investigation, and product management, He's presently ranked as a ProHacker in Hack The Box CTF platform.

Share

Join a secure newsletter.

Secure, disturbance free and spam-free

Leave a Reply

Protecting Small Businesses from COVID-19

Our committment towards small businesses is now affordable.

Starting From

$349

Enquire Now

Ask our experts.

Quick Contact

Talk to our team

Protecting your Business

Book a free consultation with us .

Enquire Now

Ask our experts.

Quick Contact

Talk to our team