Skip to main content
  1. Posts/

Creating My Own SMB Scanner

·321 words·2 mins·
Hi, my name is tiff. I am a former frontend developer pivoting to cybersecurity.
Building an SMB Scanner - This article is part of a series.

A proof of concept that enables a better of understanding of more popular tools and how they work to find open shares on a target host.

One of the things I am consistently learning while embarking on this career pivot to cybersecurity is how much of a leg up building your own tools, blogging, and networking can get you when trying to enter the field with no prior (cybersecurity) experience.

I have software development experience which makes building my own tooling super fun for me. I’ve already built a DDoS Script and an DNS Enumeration tool, but those are no where near the projects I want to build and showcase.


A simple dns enumeration tool for pentesting recon


The DDoS script was the most challenging and most rewarding of the two because of how much I struggled to build it, to get my head around Python, a language I hadn’t used in 9 years. The DNS enumeration tool was built as part of a YouTube video I watched from a guy that works at TryHackMe now and I put little though into it.

Now, I feel I am ready to build my own tools. I’ve written some thorough notes about the design of this tool, but here are the basics:

  1. What should the script do?
  2. What does it accomplish that nmap and rustcan do not?
  3. How will you utilize the goals of other, more established scripts to build your own?
I’ve answered these questions with the following:

The script should only do four things

  • List server shares
  • Find null authentication
  • Enumerate shares
  • List permissions on each shared directory

That seems like a fair amount of tasks for the script to accomplish for now.


I’ve started building it already. You can find it on my GitHub account.


Building an SMB Scanner - This article is part of a series.


Simple Scripts: Beginning
·398 words·2 mins
I’m currently working through (and banging my head against) working with Python scripts to simulate pentesting techniques.
How Can Logs Be Deleted?
·47 words·1 min
Can logs be deleted by sending to /dev/null?
TCM Security Practical Web App Security and Testing
·214 words·2 mins
In this post I will be writing about how we setup our pentest lab in a few VMs and Docker containers, with this post being about how to set it up on an M-series Mac.