nbtscan -r 192.168.1.0/24
nmap --script "safe or smb-enum-*" -p 139,445 <IP>
enum4linux-ng -A <IP>
enum4linux-ng -A -u <user> -p <password> <IP>
crackmapexec smb <IP> --users [-u <user> -p <password>]
crackmapexec smb <IP> --groups [-u <user> -p <password>]
smbclient -N -L //<IP>
smbclient -N //<IP>/<Folder>
smbclient -U '<username[%password]>' -L //<IP>
smbclient -U '<username[%password]>' //<IP>/<Folder>
smbmap -H <IP> [-P <PORT>]
smbmap -u <username> -p <password> -H <IP> [-P <PORT>]
smbmap [-u <username -p <password>] -R [<Folder>] -H <IP> [-P <PORT>]
crackmapexec smb <IP> -u '' -p '' --shares
crackmapexec smb <IP> -u <username> -p <password> --shares
mount -t cifs //<IP>/share /mnt/share
mount -t cifs -o "username=<username>,password=<password>" //<IP>/share /mnt/share
smbclient //<IP>/<share>
> mask ""
> recurse
> prompt
> mget *