Enum4Linux
This is generally a pretty simple tool to scan SMB servers which requires just the IP address of the server. You can list all the different options available by using enum4linux -h but generally using the -a option is always a good idea since it includes all the other options like ‘get userlist’ or ‘get sharelist’. You can provide a username and password with the options -u and -p . Include the IP address last.
enum4linux -u '<User>' -p '<password>' -a <IP>
If the user account has no password just don’t use the -p option or use -p ''. Enum4Linux will also try to guess user accounts like ‘guest’ or ‘root’ however it strangely doesn’t include the account ‘Administrator’ which is often a default Windows account. It is advisable to manually try that username.