Enumeration

auxiliary/scanner/smb/smb_enumusers_domain polenum

auxiliary/scanner/smb/smb_enum_gpp smb-enum null sessions

auxiliary/scanner/smb/smb_enumshares Metasploit smb-enum sessions

auxiliary/scanner/smb/smb_enumusers smb-enum groups

auxiliary/scanner/smb/smb_lookupsid Nmap smb-enum-users

nmblookup NetBIOS & SMB (Port 139/445) smb-enum admins

SMBMap smb-enum shares

smbclient smb-enum policies

crackmapexec Samrdump

nbtscan

enum4linux

jxplorer

ldap-brute ldapsearch

ldap-rootdse Nmap LDAP (Port 389/636) LDAPDomainDump

ldap-search windapsearch

Softerra LDAP Administrator

RPC (Port 135) rpcinfo

Metasploit: auxiliary/scanner/smtp/smtp_enum smtp-enum-vrfy

Nmap: nmap --script smtp-enum-users SMTP (Port 25) NetScanTools

iSMTP smtp-enum-rcpt

auxiliary/scanner/snmp/snmp_enum

auxiliary/scanner/snmp/snmp_enumshares Metasploit
snmp-check
auxiliary/scanner/snmp/snmp_enumusers
SNMP (Port 161/162) snmpbulkwalk
SNMP Scanner
snmpwalk
OpUtils

rdp-enum-encryption
ncrack
rdp-ntlm-info Nmap RDP (Port 3389)
Crowbar
rdp-vuln-ms12-020

auxiliary/scanner/ftp/anonymous ftp-vulnerability-scan
Metasploit FTP (Port 21)
auxiliary/scanner/ftp/ftp_login ftp-default

OWASP Zap
feroxbuster
cewl
Burpsuite
wafw00f
Nmap Scripts
katana
Nikto HTTP/HTTPS (80,443)
curl
Whatweb
gobuster
sslscan
ffuf
httpx
sslyze

mysql-audit

mysql-brute auxiliary/scanner/mysql/mysql_version

mysql-databases auxiliary/scanner/mysql/mysql_authbypass_hashdump

mysql-dump-hashes Metasploit auxiliary/scanner/mysql/mysql_hashdump

mysql-empty-password auxiliary/admin/mysql/mysql_enum
Nmap MySQL (Port 3306)
mysql-enum auxiliary/scanner/mysql/mysql_schemadump

mysql-info mysql commands

mysql-query

mysql-users

mysql-variables

nmap --script

ms-sql-info

ms-sql-empty-password

ms-sql-xp-cmdshell
ms-sql-config
Nmap
ms-sql-ntlm-info
ms-sql-tables
admin/mssql/mssql_enum
MSSQL (Port 1433) ms-sql-hasdbaccess
admin/mssql/mssql_enum_domain_accounts Metasploit
ms-sql-dac
admin/mssql/mssql_enum_sql_logins
ms-sql-dump-hashes

PowerUpSQL

auxiliary/scanner/postgres/postgres_login

auxiliary/admin/postgres/postgres_readfile
auxiliary/admin/postgres/postgres_sql
Metasploit
auxiliary/scanner/postgres/postgres_version

auxiliary/scanner/postgres/postgres_hashdump
Postgres (5432)
auxiliary/scanner/postgres/postgres_schemadump

psql

oracle-brute-stealth

oracle-brute

oracle-enum-users Nmap
oracle-version
oracle-sid-brute
oracle-tns-version Oracle (1521) oracle-default

auxiliary/scanner/oracle/spy_sid oracle-sid
Metasploit
auxiliary/admin/oracle/oraenum

showmount

Metasploit: auxiliary/scanner/nfs/nfsmount NFS (Port 2049) nfs-ls

Nmap nfs-showmount

nfs-statfs

dnsenum dnsrecon
DNS (Port 53)
dnsdict6 dig

@hackinarticles https://github.com/Ignitetechnologies https://in.linkedin.com/company/hackingarticles