- Reading the `/etc/passwd` file can be an easy way to discover users on the system. - While the output can be long and a bit intimidating, it can easily be cut and converted to a useful list for brute-force attacks ```bash cat /etc/passwd | cut -d ":" -f 1 ``` - This will return all users, some of which are system or service users that would not be very helpful. Another approach could be to grep for "home" as real users will most likely have their folders under the "home" directory ```bash cat /etc/passwd | grep home ```