Responder ⚙️

​Responder (Python) is a great tool for LLMNR, NBTNS, MDNS poisoning and WPAD spoofing but it can also be used in "analyze" modes.
BROWSER mode: inspect Browse Service messages and map IP addresses with NetBIOS names 
LANMAN mode: passively map domain controllers, servers and workstations joined to a domain with the Browser protocol (see this).
LLMNR, NBTNS, MDNS modes: inspect broadcast and multicast name resolution requests
The following command will enable the analyze modes and will give interesting information like
Domain Controller, SQL servers, workstations
Fully Qualified Domain Name (FQDN)
Windows versions in used
The "enabled" or "disabled" state of protocols like LLMNR, NBTNS, MDNS, LANMAN, BROWSER
responder --interface "eth0" --analyze
responder -I "eth0" -A
Responder 2.0 - Owning Windows Networks part 3
Trustwave
NBT-NS
Port scanning
Last modified 11mo ago