The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.
The program currently performs the following operations:
- Get the host’s addresse (A record).
- Get the namservers (threaded).
- Get the MX record (threaded).
- Perform axfr queries on nameservers (threaded).
- Get extra names and subdomains via google scraping (google query = “allinurl: -www site:domain”).
- Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded).
- Calculate C class domain network ranges and perform whois queries on them (threaded).
- Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded).
- Write to domain_ips.txt file ip-blocks.
The output file domain_ips.txt will contain non-contiguous IP blocks:
You can download DNSenum v1.2 here:
Or you can read more here.
- Blackhash – Audit Passwords Without Hashes
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- Complemento v0.4b – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool
- dnsmap 0.22 Released – Subdomain Bruteforcing Tool
- Complemento v0.6 – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,733 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,979 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,607 views