The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.
The program currently performs the following operations:
- Get the host’s addresse (A record).
- Get the namservers (threaded).
- Get the MX record (threaded).
- Perform axfr queries on nameservers (threaded).
- Get extra names and subdomains via google scraping (google query = “allinurl: -www site:domain”).
- Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded).
- Calculate C class domain network ranges and perform whois queries on them (threaded).
- Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded).
- Write to domain_ips.txt file ip-blocks.
The output file domain_ips.txt will contain non-contiguous IP blocks:
You can download DNSenum v1.2 here:
Or you can read more here.
- Watcher – Passive Web Application Vulnerability Scanner
- Pentoo – Gentoo Based Penetration Testing Linux LiveCD
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
- Complemento v0.4b – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool
- dnsmap 0.22 Released – Subdomain Bruteforcing Tool
- Complemento v0.6 – LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,901,182 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,126,136 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 639,080 views