DNSenum – Domain Information Gathering Tool

Keep on Guard!


The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain.

The program currently performs the following operations:

  1. Get the host’s addresse (A record).
  2. Get the namservers (threaded).
  3. Get the MX record (threaded).
  4. Perform axfr queries on nameservers (threaded).
  5. Get extra names and subdomains via google scraping (google query = “allinurl: -www site:domain”).
  6. Brute force subdomains from file, can also perform recursion on subdomain that have NS records (all threaded).
  7. Calculate C class domain network ranges and perform whois queries on them (threaded).
  8. Perform reverse lookups on netranges ( C class or/and whois netranges) (threaded).
  9. Write to domain_ips.txt file ip-blocks.

The output file domain_ips.txt will contain non-contiguous IP blocks:

127.0.0.1/32
127.0.0.8/31

You can download DNSenum v1.2 here:

dnsenum1.2.tar.gz

Or you can read more here.

Posted in: Hacking Tools, Networking Hacking, Web Hacking

, , , ,


Latest Posts:


What You Need To Know About KRACK WPA2 Wi-Fi Attack What You Need To Know About KRACK WPA2 Wi-Fi Attack
The Internet has been blowing up in the past week about the KRACK WPA2 attack that is extremely widespread and is a flaw in the Wi-Fi standard itself.
Spaghetti Download - Web Application Security Scanner Spaghetti Download – Web Application Security Scanner
Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations etc.
Taringa Hack - 27 Million User Records Leaked Taringa Hack – 27 Million User Records Leaked
The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it's not often covered in the West.
A2SV - Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed
A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.
VHostScan - Virtual Host Scanner With Alias & Catch-All Detection VHostScan – Virtual Host Scanner With Alias & Catch-All Detection
VHostScan is a Python-based virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
Equifax Hack Blamed On Single Employee Equifax Hack Blamed On Single Employee
We wrote about the Equifax Hack, Data Breach and Leak last month, which happened due to a flaw in Apache Struts that for some reason hadn't been patched.


5 Responses to DNSenum – Domain Information Gathering Tool

  1. Glenn July 10, 2008 at 10:15 am #

    Where do i get the Net::IP modules for windows installations , as i have to use windows box at work , thanks .

  2. Changlinn July 11, 2008 at 1:45 am #

    This is all good and well, but isn’t it better to learn how to do this manually. A little nslookup/dig ping -a and http://www.onsamehost.com
    and some google hacking and you are done, and much richer for the experience.

  3. Pantagruel July 11, 2008 at 10:50 am #

    @Changlinn

    Even pen testers get lazy, we also like the get as much info possible by using as little as tools possible.

    But I guess most of us already have written a script to get these details.

  4. Darknet July 11, 2008 at 10:52 am #

    Yah I was gonna say why not look at it the other way? I know exactly how to do it and all the steps…why not use a tool that can automate it. It’s like saying don’t use Nessus or any VA scanner…manually test each machine on the network, each open port and each service. Hell why use nmap or any port scanner? Just manually craft the packets to send to each port with hping and listen for the results with wireshark.

  5. d347hm4n July 15, 2008 at 9:14 am #

    @Glenn use it in a vm, then you wil have the linux net::ip modules