Enum4Linux
enum4linux -a target-ip
Do Everything, runs all options apart from dictionary based share name guessing
Extract OS Information
enum4linux -s shares.txt target-ip
Perform a dictionary attack, if the server doesn’t let you retrieve a share list
enum4linux -i target-ip
Pull information about printers known to the remove device.
Lists usernames, if the server allows it – (RestrictAnonymous = 0)