Premium Resources

NetBIOS Enumeration

NetBIOS stands for Network Basic Input Output System. It Allows computer communication over a LAN and allows them to share files and printers.

NetBIOS names are used to identify network devices over TCP/IP (Windows). It must be unique on a network, limited to 16 characters where 15 characters are used for the device name and the 16th character is reserved for identifying the type of service running or name record type.

Attackers use the NetBIOS enumeration to obtain:

  • List of computers that belong to a domain

  • List of shares on the individual hosts on the network

  • Policies and passwords

Commands and tools used:

Nbtstat: utility used to find protocol statistics, NetBIOS name table and name cache details

Superscan: GUI tool used to enumerate windows machine

Net view: command line tool to identify shared resources on a network

Related Topics