smbmap -H <target ip>
# List shares
smbmap -R Replication -H <target ip>
# List files and direcotories
smbmap -R Replication -H <target ip> -A <filename> -q
# Download files
updatedb
locate -r '\.nse$'| xargs grep categories | grep smb
nmap --script "vuln and safe" -Pn -n -p 445 <target ip>
nmap --script smb-vuln* -p 139,445 <target ip>
