Enumeration involves gathering information about the services that are run on the system and those of individual targets. This stage reveals services and protocols, which are exploitable.