DNSProbe : Tool That Allows You To Perform Multiple DNS Queries

DNSProbe is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

  • Simple and Handy utility to query DNS records.

Usage

dnsprobe -h

Also Read – CrauEmu : uEmu Extension For Developing & Analyzing Payloads For Code-Reuse Attacks

This will display help for the tool. Here are all the switches it supports.

FlagDescriptionExample
-cMax dns retries (default 1)dnsprobe -c 5
-lList of dns domains (optional)dnsprobe -l domains.txt
-rRequest Type A, NS, CNAME, SOA, PTR, MX, TXT, AAAA (default “A”)dnsprobe -r A
-sList of resolvers (optional)dnsprobe -s resolvers.txt
-tNumber of concurrent requests to make (default 250)dnsprobe -t 500
-fOutput type: ip, domain, response, simple (domain + ip, default), full (domain + response), json (domain + raw response)dnsprobe -f json
-oOutput file (optional)dnsprobe -o
result.txt

Installation Instructions

  • From Source

It requires go1.13+ to install successfully. Run the following command to get the repo –

GO111MODULE=on go get -u -v github.com/projectdiscovery/dnsprobe

In order to update the tool, you can use -u flag with go get command.

  • Querying host for A record

To query a list of domains, you can pass the list via stdin.

> cat domains.txt | dnsprobe

root@test:~# cat bc.txt | dnsprobe
bounce.bugcrowd.com 192.28.152.174
blog.bugcrowd.com 104.20.4.239
blog.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.4.239
events.bugcrowd.com 54.84.134.174

  • Querying host for CNAME record

> dnsprobe -l domains.txt -r CNAME

root@test:~# dnsprobe -l bc.txt -r CNAME
forum.bugcrowd.com bugcrowd.hosted-by-discourse.com. collateral.bugcrowd.com bugcrowd.outrch.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com. researcherdocs.bugcrowd.com ssl.readmessl.com.
docs.bugcrowd.com ssl.readmessl.com.

This will run the tool against domains in domains.txt and returns the results. The tool uses the resolvers specified with -s option to perform the queries or default system resolvers.

  • Querying CNAME records on the Subfinder output

> subfinder -d bugcrowd.com -silent | dnsprobe -r cname

root@b0x:~# subfinder -d bugcrowd.com -silent | dnsprobe -r cname forum.bugcrowd.com bugcrowd.hosted-by-discourse.com. docs.bugcrowd.com ssl.readmessl.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com. researcherdocs.bugcrowd.com ssl.readmessl.com.
collateral.bugcrowd.com bugcrowd.outrch.com.
proxilate.bugcrowd.com proxilate.a.bugcrowd.com.

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

1 day ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

1 day ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

3 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

6 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago