Manual Enumeration

System, user, network, and password

System Enumeration

Enumerate kernel version:

uname -a

Enumerate distribution:

cat /proc/version

Enumerate CPU:

lscpu

Enumerate running services:

ps aux

Enumerate running services owned by root:

ps aux | grep root

User Enumeration

Enumerate current username:

whoami

Enumerate current user ID:

id

Enumerate active sessions:

Enumerate sudo:

Enumerate all users on the system:

Show only usernames from /etc/passwd:

Enumerate user groups:

Enumerate command history:

Network Enumeration

Enumearte network settings (older machines):

Enumearte network settings (newer machines):

Enumerate routing table (older machines):

Enumerate routing table (newer machines):

Enumerate ARP table (older machines):

Enumerate ARP table (newer machines):

Enumerating active network connections:

Password Hunting

Search for the keyword "password=" in all files:

Search for the keyword "password" in filenames:

Search for SSH keys:

Applications and Services

Enumerate running services owned by root:

Enumerate installed applications on Debian and derivatives:

Enumerate installed applications on Fedora-based distros, use:

Enumerate configuration files in the /etc directory:

Search for web application configuration files:

File and Directory Enumeration

World-writable directories:

World-writable directories for root:

World-writable files:

PreviousLinux PermissionsNextAutomated Tools

Last updated

Was this helpful?