DNSRecon – DNS Enumeration Script


DNSRecon is a Python based DNS enumeration script designed to help you audit your DNS security and configuration as part of information gathering stage of a pen-test. DNS reconnaissance is an important step when mapping out domain resources, sub-domains, e-mail servers and so on and can often lead to you finding an old DNS entry pointing to an unmaintained, insecure server.

DNSRecon - DNS Enumeration Script

It’s also considered passive information gathering, as it’s a way to gather a map of company/target resources without alerting IDS/IPS systems by doing active probes/scans.

Features

DNSRecon provides the ability to perform:

  • Check all NS Records for Zone Transfers
  • Enumerate General DNS Records for a given Domain (MX, SOA, NS, A, AAAA, SPF and TXT)
  • Perform common SRV Record Enumeration. Top Level Domain (TLD) Expansion
  • Check for Wildcard Resolution
  • Brute Force subdomain and host A and AAAA records given a domain and a wordlist
  • Perform a PTR Record lookup for a given IP Range or CIDR
  • Check a DNS Server Cached records for A, AAAA and CNAME Records provided a list of host records in a text file to check
  • Enumerate Common mDNS records in the Local Network Enumerate Hosts and Subdomains using Google

Usage

You can download DNSRecon here:

dnsrecon-v0.8.9.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools

, , ,


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.


Comments are closed.