PorkBind v1.3 – Nameserver (DNS) Security Scanner

The New Acunetix V12 Engine


This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each.

Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread.

Changes for v1.3

  • Wrote in-a-bind shell script that scans random domain names from DMOZ
  • Implemented recursive query testing
  • Changed porkbind.conf to use CVE numbers in addition to CERT alerts
  • Modified text displayed on stdout to make it more parsable
  • Licensed with GNU Lesser General Public License
  • Fixed timeout/concurrency/memory corruption bugs
  • Fixed improper comparison of alpha/beta version numbering bug
  • Added typecasts to silence compiler warnings

The tool now scans for 14 flaws and reports CVE numbers & CERT.

You can download PorkBind v1.3 here:

porkbind-1.3.tar.gz

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Networking Hacking

, , ,


Latest Posts:


Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.


Comments are closed.