π§¬DNS
DNS Tools
DNS reconnaissance involves utilizing specialized tools designed to query DNS servers and extract valuable information. Here are some of the most popular and versatile tools in the arsenal of web recon professionals:
dig
Versatile DNS lookup tool that supports various query types (A, MX, NS, TXT, etc.) and detailed output.
Manual DNS queries, zone transfers (if allowed), troubleshooting DNS issues, and in-depth analysis of DNS records.
nslookup
Simpler DNS lookup tool, primarily for A, AAAA, and MX records.
Basic DNS queries, quick checks of domain resolution and mail server records.
host
Streamlined DNS lookup tool with concise output.
Quick checks of A, AAAA, and MX records.
dnsenum
Automated DNS enumeration tool, dictionary attacks, brute-forcing, zone transfers (if allowed).
Discovering subdomains and gathering DNS information efficiently.
fierce
DNS reconnaissance and subdomain enumeration tool with recursive search and wildcard detection.
User-friendly interface for DNS reconnaissance, identifying subdomains and potential targets.
dnsrecon
Combines multiple DNS reconnaissance techniques and supports various output formats.
Comprehensive DNS enumeration, identifying subdomains, and gathering DNS records for further analysis.
theHarvester
OSINT tool that gathers information from various sources, including DNS records (email addresses).
Collecting email addresses, employee information, and other data associated with a domain from multiple sources.
Online DNS Lookup Services
User-friendly interfaces for performing DNS lookups.
Quick and easy DNS lookups, convenient when command-line tools are not available, checking for domain availability or basic information
Last updated