Here is a script for basic network enumeration using native Windows tools on the target machine. The script is multi-threaded for performance and performs the following:

* Ping Sweep
* DNS Reverse lookup on IP range
* Forward lookup brute force using a list of hostnames
* Get NS and MX records for a given domain.


You can download the script from http://www.darkoperator.com/netenum.tar.gz
Let me know if you like it; any recommendations are welcome.


Here is some sample output:
Code:
meterpreter > run netenum
Network Enumerator Meterpreter Script by Darkoperator
Carlos Perez carlos_perez@darkoperator.com

Usage:

OPTIONS:

    -d <opt>  Domain Name for DNS Fordward Lookup
    -fl        To Perform DNS Fordward Lookup on host list and domain
    -h        Help menu.
    -hl <opt>  File with Host List for DNS Fordward Lookup
    -ps        To Perform Ping Sweeo on IP Range
    -r <opt>  The target address range or CIDR identifier
    -rl        To Perform DNS Reverse Lookup on IP Range
    -st        To Perform DNS lookup of MX, NS and SOA records for a domain

meterpreter > run netenum -fl -hl /home/carlos/hostlist.txt -d google.com
[*] Network Enumerator Meterpreter Script by Darkoperator
[*] Carlos Perez carlos_perez@darkoperator.com
[*] Performing DNS Fordward Lookup for hosts in /home/carlos/hostlist.txt for domain google.com
[*]     Name:cg-in-f100.google.com    209.85.171.100
[*]     Name:cg-in-f102.google.com    209.85.171.102
[*]     Name:googlemail.l.google.com    209.85.133.83,209.85.133.18,209.85.133.19
[*]     Name:cg-in-f101.google.com    209.85.171.101



meterpreter > run netenum -rl -r 209.85.171.100-209.85.171.110
[*] Network Enumerator Meterpreter Script by Darkoperator
[*] Carlos Perez carlos_perez@darkoperator.com
[*] Performing DNS Reverse Lookup for IP range 209.85.171.100-209.85.171.110
[*]      209.85.171.100 is cg-in-f100.google.com
[*]      209.85.171.101 is cg-in-f101.google.com
[*]      209.85.171.102 is cg-in-f102.google.com
[*]      209.85.171.103 is cg-in-f103.google.com
[*]      209.85.171.104 is cg-in-f104.google.com
[*]      209.85.171.108 is cg-in-f108.google.com



meterpreter > run netenum -st -d google.com
[*] Getting MX and NS Records for Domain google.com
[*]     Non-authoritative answer:
[*]    
[*]     google.com    MX preference = 10, mail exchanger = smtp4.google.com
[*]     google.com    MX preference = 10, mail exchanger = smtp1.google.com
[*]     google.com    MX preference = 10, mail exchanger = smtp2.google.com
[*]     google.com    MX preference = 10, mail exchanger = smtp3.google.com
[*]    
[*]     google.com    nameserver = ns3.google.com
[*]     google.com    nameserver = ns4.google.com
[*]     google.com    nameserver = ns1.google.com
[*]     google.com    nameserver = ns2.google.com
[*]     smtp1.google.com    internet address = 209.85.237.25
[*]     smtp2.google.com    internet address = 64.233.165.25
[*]     smtp3.google.com    internet address = 64.233.183.25
[*]     smtp4.google.com    internet address = 72.14.221.25
[*]     ns1.google.com    internet address = 216.239.32.10
[*]     ns2.google.com    internet address = 216.239.34.10
[*]     ns3.google.com    internet address = 216.239.36.10
[*]     ns4.google.com    internet address = 216.239.38.10


meterpreter > run netenum -ps -r 209.85.171.100-209.85.171.110
[*] Network Enumerator Meterpreter Script by Darkoperator
[*] Carlos Perez carlos_perez@darkoperator.com
[*] Performing ping sweep for IP range 209.85.171.100-209.85.171.110
[*]     209.85.171.100 host found
[*]     209.85.171.101 host found
[*]     209.85.171.102 host found
[*]     209.85.171.103 host found
[*]     209.85.171.104 host found
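
For defenders, an added example that is not part of the original post or of the script: because the enumeration runs through native tools on the compromised host, a sweep appears in process-creation telemetry as one machine launching the same tool against many different targets within seconds. The record format, the image names `ping.exe` and `nslookup.exe`, the 10-second window and the threshold of 5 targets are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: these are the native tools worth watching for sweep-like bursts.
WATCHED = {"ping.exe", "nslookup.exe"}

def parse(line):
    # Assumed simplified record: ISO time,host,image,command line
    ts, host, image, cmd = line.strip().split(",", 3)
    return datetime.fromisoformat(ts), host, image.lower(), cmd

def target_of(cmd):
    # Heuristic: last argument that is not a switch is treated as the target.
    args = [a for a in cmd.split()[1:] if not a.startswith(("-", "/"))]
    return args[-1].lower() if args else None

def detect_sweeps(lines, window=timedelta(seconds=10), min_targets=5):
    """Return {(host, image): peak distinct targets in one window} for bursts."""
    recent = defaultdict(deque)   # (host, image) -> (time, target) inside window
    hits = {}
    for ts, host, image, cmd in sorted(map(parse, lines)):
        target = target_of(cmd) if image in WATCHED else None
        if target is None:
            continue
        q = recent[(host, image)]
        q.append((ts, target))
        while ts - q[0][0] > window:      # drop events older than the window
            q.popleft()
        distinct = len({t for _, t in q})
        if distinct >= min_targets:       # repeated pings of one host never trip this
            hits[(host, image)] = max(distinct, hits.get((host, image), 0))
    return hits

# Constructed sample events: WS01 sweeps a range, WS02 pings one host twice.
SAMPLE = (
    [f"2024-05-01T10:00:0{i % 3},WS01,ping.exe,ping -n 1 10.0.0.{i}" for i in range(1, 9)]
    + [f"2024-05-01T10:00:05,WS01,nslookup.exe,nslookup 10.0.0.{i}" for i in range(1, 7)]
    + ["2024-05-01T10:00:01,WS02,ping.exe,ping -n 4 10.0.0.1",
       "2024-05-01T10:07:30,WS02,ping.exe,ping -n 4 10.0.0.1",
       "2024-05-01T10:00:02,WS02,notepad.exe,notepad.exe C:\\notes.txt"]
)

if __name__ == "__main__":
    for (host, image), count in detect_sweeps(SAMPLE).items():
        print(f"{host}: {image} launched against {count} distinct targets in one window")
```

Counting distinct targets rather than raw process launches keeps an administrator who pings one host repeatedly below the threshold.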