dnsrecon
DNSRecon is a command-line tool for DNS reconnaissance, identifying DNS misconfigurations, vulnerabilities, zone transfers, and cache poisoning attempts.
DNSRecon is a powerful security tool that allows system administrators, network engineers, and security professionals to perform comprehensive reconnaissance of the Domain Name System (DNS). DNSRecon is a command-line tool that is designed to identify common DNS misconfigurations, vulnerabilities, and weaknesses that could be exploited by attackers to gain unauthorized access to a network.
DNSRecon is an open-source tool that is written in Python and is available for Linux and Windows platforms. It is a flexible tool that can be customized to suit the specific needs of the user. It is ideal for performing reconnaissance tasks such as enumerating DNS records, subdomains, and network hosts, as well as identifying DNS zone transfers and potential DNS cache poisoning attacks.
One of the key features of DNSRecon is its ability to perform DNS zone transfers. DNS zone transfers are a commonly used technique for gathering information about a target network. DNSRecon can perform zone transfers on all DNS servers that are authoritative for a domain, allowing it to build a comprehensive list of DNS records, subdomains, and network hosts.
Another important feature of DNSRecon is its ability to identify potential DNS cache poisoning attacks. DNS cache poisoning attacks are a serious threat to network security, as they can allow attackers to redirect users to malicious websites or steal sensitive information. DNSRecon can identify vulnerable DNS servers that are susceptible to cache poisoning attacks, allowing system administrators to take remedial action before an attack occurs.
DNSRecon also includes features for performing brute-force attacks against DNS servers to identify valid hostnames and subdomains. This can be useful for discovering hidden network resources that may not be listed in the public DNS records.
In addition to its reconnaissance capabilities, DNSRecon also includes a number of other features that can be used to enhance network security. These include the ability to perform DNS queries using specific DNS server addresses, the ability to perform reverse DNS lookups, and the ability to generate reports in various formats.
In conclusion, DNSRecon is a powerful and flexible security tool that can be used to perform comprehensive reconnaissance of the DNS. Its ability to identify common DNS misconfigurations, vulnerabilities, and weaknesses makes it an essential tool for any network security professional. Whether you are a system administrator, network engineer, or security professional, DNSRecon can help you to secure your network and protect against potential attacks.
dnsrecon Usage Example
Scan a domain (-d example.com), use a dictionary to brute force hostnames (-D /usr/share/wordlists/dnsmap.txt), do a standard scan (-t std), and save the output to a file (–xml dnsrecon.xml):
Packages and Binaries:
dnsrecon
DNSRecon is a Python script that provides the ability to perform:
Check all NS Records for Zone Transfers.
Enumerate General DNS Records for a given Domain (MX, SOA, NS, A, AAAA, SPF and TXT).
Perform common SRV Record Enumeration.
Top Level Domain (TLD) Expansion.
Check for Wildcard Resolution.
Brute Force subdomain and host A and AAAA records given a domain and a wordlist.
Perform a PTR Record lookup for a given IP Range or CIDR.
Check a DNS Server Cached records for A, AAAA and CNAME
Records provided a list of host records in a text file to check.
Enumerate Hosts and Subdomains using Google
Installed size: 1.40 MB
How to install: sudo apt install dnsrecon
dnsrecon
DNS Enumeration and Scanning Tool
Updated on: 2022-Nov-16
Last updated
Was this helpful?