Info

NEXA – Network Enumeration & xXposure Analyzer NEXA – Network Enumeration & xXposure Analyzer

NEXA – Network Enumeration & xXposure Analyzer

9/5/2025

Building NEXA: My Approach to Automated Enumeration

In cybersecurity, I’ve always found that one of the most time-consuming parts of an assessment is enumeration. Mapping out networks, digging through services, and identifying potential attack paths can feel repetitive, but it’s also one of the most important steps in understanding a target’s security posture.

That’s exactly why I decided to create NEXA. I wanted a tool that could take some of the heavy lifting out of enumeration while still being flexible enough for different environments and testing scenarios.

What is NEXA?

NEXA stands for Network Enumeration & eXposure Analyzer. It’s an open-source project I built to automate network and application enumeration tasks.

I designed it with a few main goals in mind:

  • Save time by automating repetitive tasks
  • Support multiple environments, including Windows servers, Linux applications, and Active Directory setups
  • Be approachable for beginners while still useful for experienced security testers

Whether you’re doing web application analysis, testing Active Directory environments, or just scanning a new network segment, NEXA is meant to help streamline the process.

Why I Built It

After running countless tests with different tools, I kept running into the same issue: I’d spend more time stitching together scripts and parsing outputs than actually analyzing results. NEXA grew out of my own workflow-I wanted something that would give me consistent results without the hassle.

Another big motivation was accessibility. I remember when I first started with pentesting, the sheer number of tools and command options was overwhelming. You had to know which script to run, in what order, and then manually tie all the results together. I wanted NEXA to lower that barrier by acting as a central, automated helper-something that could walk beginners through the process while still giving advanced users the flexibility to tweak and extend it.

In short, I built NEXA to save time, reduce frustration, and help make enumeration a smoother experience for anyone in the security field.

Features of NEXA

NEXA is packed with powerful features designed to handle diverse security testing needs:

1. Target Support

  • IP Addresses: Direct IP-based enumeration.
  • Domain Names: Enumerate domains with optional IP resolution.
  • Flexible Input: Automatically detects input type (IP vs Domain).
  • Windows Applications: Comprehensive service enumeration, web application scanning.
  • Linux Applications: Similar to Windows, but optimized for Linux environments.
  • Active Directory: Supports SMB, LDAP, Kerberos, and NetExec enumerations.

2. Enumeration Capabilities

  • Nmap Scans: Basic (port detection), Aggressive (includes vulnerability scripts), and Stealth scans (low-profile scanning).
  • Web Application Enumeration: Dirories via Gobuster, vulnerabilities with Nuclei, subdomains via Sublist3r.
  • Active Directory Enumeration: SMB enumeration with enum4linux-ng, LDAP querying, Kerberos authentication checks.

3. User Interface

NEXA features an interactive menu-driven interface with:

  • Color-coded output for easy readability.
  • Progress indicators and status updates.
  • Organized output directory structure (e.g., enum_results_YYYYMMDD_HHMMSS/).

4. Output Structure

The tool organizes results in a structured timestamped directory, making it easy to review and analyze findings.

5. Docker Integration

NEXA can be built as a Docker container:

Terminal window
docker build -t nexa .

Run with host networking and persistent outputs:

Terminal window
mkdir -p outputs
docker run --rm -it --net=host -v "$(pwd)/outputs:/app/output" nexa

Results appear in the ./outputs directory.

How to Use NEXA

Installation

  1. Clone or download the script.

  2. Make it executable:

    Terminal window
    chmod +x NEXA.sh

  3. Run with root privileges (recommended):

    Terminal window
    sudo ./NEXA.sh

  4. Access the main menu.

Basic Usage

Terminal window
./NEXA.sh

Advanced Usage

Choose from multiple modes:

  1. Windows Application Enumeration
  2. Linux Application Enumeration
  3. Active Directory Enumeration
  4. Comprehensive Enumeration (All Target Types)
  5. Exit

Security Considerations

While NEXA is a powerful tool, it’s important to use it responsibly:

  • Legal Compliance: Ensure you have proper authorization before scanning any target.
  • Network Impact: Some scans may generate significant network traffic.
  • Detection Risk: Aggressive scans might trigger security monitoring systems.
  • Rate Limiting: Use stealth options in production environments.

Troubleshooting

Common issues include:

  1. Permission Denied: Run with sudo.
  2. Missing Dependencies: Check the provided commands to install required tools.
  3. Scan Failures: Verify network connectivity and firewall settings.
  4. Slow Performance: Adjust scan rates or use stealth options.

Dependency Checks

NEXA automatically checks for dependencies and provides installation instructions when needed.

Contributing

Feeling like you should contribute? Submit issues, feature requests, or pull requests to help improve NEXA.

License

This tool is provided for educational and authorized security testing purposes only. Proper authorization is required before any use involving live systems.

Disclaimer

The authors are not responsible for misuse of this tool. Users must ensure they have proper authorization before conducting any security assessments.

Final Thoughts

NEXA isn’t just another pentesting tool—it’s a game-changer for anyone looking to streamline their network and application enumeration processes. With its comprehensive features, user-friendly interface, and Docker support, NEXA is ready to become your go-to solution for secure system analysis.

Try NEXA today and see how it can enhance your security practices! 🚀

← Back to projects