In the phase of Enumeration, An attacker initiates active connections with the target system. With this active connection, direct queries are generated to gain more information. These information helps to identify the system attack points. Once attacker discovers attack points, it can gain unauthorized access using this collected information to reach assets.
Information that is enumerated in this phase are: -
Routing Information SNMP Information DNS Information Machine Name User Information Group Information Application and Banners Network Sharing Information Network Resources In the previous phases, the finding was not too concerned with any legal issues. Using the tools required for enumeration phase may cross legal boundaries and chances to being traced as using active connections with the target. You must have proper permission to perform these actions.