The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.
The program currently performs the following operations:
- Get the host’s addresse (A record).
- Get the namservers (threaded).
- Get the MX record (threaded).
- Perform axfr queries on nameservers (threaded).
- Get extra names and subdomains via google scraping (google query = “allinurl: -www site:domain”).
- Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded).
- Calculate C class domain network ranges and perform whois queries on them (threaded).
- Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded).
- Write to domain_ips.txt file ip-blocks.
The output file domain_ips.txt will contain non-contiguous IP blocks:
You can download DNSenum v1.2 here:
Or you can read more here.
- HookME – API Based TCP Proxy Including SSL
- EvilFOCA – Network Attack Toolkit
- peinjector – MITM PE File Injector
- InstaRecon – Automated Subdomain Discovery Tool
- Complemento v0.4b – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool
- dnsmap 0.22 Released – Subdomain Bruteforcing Tool
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,929,791 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,237,414 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 653,781 views