Windows Share Enumeration

Find Windows shares that are readable by everyone, and report details like the number of files in the share and whether the files are writable. This is good for identifying groups of files that may need tighter access control.

Windows Share Enumeration is not available to Express Lite users.


The Dissolvable Agent must be accepted for your subscription. Go to Scans > Setup > Dissolvable Agent and check to be sure the Agent is accepted. If not, a Manager must accept go there and accept the Agent. Learn more

Go to Scans > Option Profiles, and select these options:

- Enable the Dissolvable Agent

- Enable Windows Share Enumeration

You must also select the following options for vulnerability scans:

- Enable Windows authentication

- Make sure QID 90635 is included under Vulnerability Detection. If Complete is selected this QID will be tested. If Custom is selected, be sure that QID 90635 is added to a search list that's included.

Create Windows authentication records with administrator / root privileges. Go to Scans > Authentication to manage authentication records.

Scan hosts for Windows Share Enumeration. Make sure you choose the option profile with Windows Share Enumeration enabled, and the target hosts are in the Windows authentication record. Look at the Results section of your scan results to see the findings. See a sample vulnerability scan report and a sample compliance report.