Warning: Do not execute these on a network or system that you do not own. Execute only on your own network or system for learning purposes. Do not execute these on any production network or system, unless Rules of engagement have been agreed on, and you have a Get out of jail free card.
Enumeration is listing and identifying the specific services and resources that a target offers.
Move further and deeper into the scanning process to include security scanning. Enumeration is particularly successful in networks that contain unprotected network resources and services:
Take information already gathered during reconnaissance (like IP addresses) and during scanning (open ports) and gather as much extended data about targets and services running on targets, using a variety of techniques and tools.
Start with an IP address range, or a specific DNS entry, and the open ports on the system. Use a number of methods to collect information on applications and hosts on the network and on the user accounts used on the network. Make a list of known and reachable services from that source.