impacket-rpcdump
enumerates RPC endpoints on a target system
TLDR
Dump RPC endpoints
$ impacket-rpcdump [target]
Dump with authentication$ impacket-rpcdump [domain]/[user]:[password]@[target]
Specify port$ impacket-rpcdump -port [135] [target]
SYNOPSIS
impacket-rpcdump [options] target
DESCRIPTION
impacket-rpcdump enumerates RPC endpoints on a target system. Part of the Impacket toolkit. Lists available RPC services with UUIDs and bindings. Useful for reconnaissance in penetration testing.
PARAMETERS
-port port
RPC port (default 135).-hashes lm:nt
Use NTLM hashes.-k
Use Kerberos.
SEE ALSO
impacket-rpcmap(1), rpcclient(1)