dnsrecon
Opening Instructions:
This is a simple tool written for target enumeration during authorized penetration test
engagements. This tool provides different methods for enumerating targets through DNS service.
USAGE:
ruby dnsrecon.rb <type> <arguments> <Optional:nameserver to use>
TYPES:
*** Reverse Lookup for Range ***
ruby dnsrecon.rb -r <start ip> <end ip> <Optional:nameserver to use>
*** Top Level Domain Expansion ***
ruby dnsrecon.rb -tld <target domain> <Optional:nameserver to use>
*** DNS Host and Domain Bruteforce ***
ruby dnsrecon.rb -b <target domain> <file> <Optional:nameserver to use>
*** General DNS Query for NS, SOA and MX Records ***
ruby dnsrecon.rb -s <target domain> <Optional:nameserver to use>
*** Execute Zone transfer on each NS server reported ***
ruby dnsrecon.rb -axfr <target domain> <Optional:nameserver to use>
*** Enumerates most common SRV Records for a given domain ***
ruby dnsrecon.rb -srv <target domain> <Optional:nameserver to use>
Purpose:
Requesting zone transfers; finding undocumented subdomains; doing reverse lookup using IP ranges to find any domain or particular domains.
Stage:
Information Gathering