Initial Enumeration

Starting off with a typical super intrusive nmap scan,
nmap -T5 -APn -o Forest -p- 10.10.10.161

We see we get a lot of information back from the host!

 

Since we are working with a Windows 2016 server, we should try and enumerate with
some basics scripts we have at our disposal. After exhausting all of our NSE
enumeration scripts, another great tool too use for windows enumeration is enum4linux