pugDNS : Revolutionizing DNS Query Speed And Accuracy For Advanced Networking Needs

pugDNS is an experimental, high-performance DNS query tool designed to facilitate fast and accurate bulk DNS lookups.

It leverages AF_XDP (Address Family eXpress Data Path) sockets to achieve significantly higher query rates compared to traditional DNS tools.

This makes it particularly useful for security researchers, network administrators, and penetration testers involved in DNS reconnaissance and domain discovery tasks.

Key Features

High Performance: pugDNS uses AF_XDP sockets to directly inject DNS queries into the L2 layer of the kernel, bypassing the traditional network stack. This results in faster bandwidth and lower latency compared to other tools.
Experimental eBPF Support: It includes beta support for receiving DNS packets using an eBPF filter, enhancing its capabilities for network packet handling.
Accuracy and Speed: Benchmarks show that pugDNS is significantly faster than popular alternatives like massdns, zdns, and dnsx. It achieved 100% accuracy in tests with a large domain wordlist.

In benchmarks conducted on a server with a 1Gbit/s port, pugDNS outperformed other tools:

3.3x faster than massdns
12.5x faster than zdns
29.6x faster than dnsx

These benchmarks highlight pugDNS’s potential for handling large-scale DNS queries efficiently.

Currently, pugDNS requires using tools like tcpdump to capture responses, as it does not handle this internally.

Future developments aim to address this limitation by adding support for sniffing DNS responses directly.

Other planned features include support for AF_XDP raw sockets and handling multiple nameservers and subdomains files as input.

To use pugDNS, users can clone the repository from GitHub and build it using Go:

bashgit clone https://github.com/c3l3si4n/pugdns
go generate && go build
./pugdns

The project credits the slavc/xdp library for its AF_XDP functionality in Go.

pugDNS offers a promising solution for those needing high-speed DNS query capabilities. While still in development, its performance advantages make it a tool worth considering for large-scale DNS reconnaissance tasks.

Hickory DNS : A Modern, Rust-Based Solution For DNS Security And Performance

February 11, 2025

In "Cyber security"

Dnsdiag – DNS Diagnostics and Performance Measurement Tools

October 10, 2018

In "Kali Linux"

dnsx – A Comprehensive DNS Toolkit For Advanced Network Probing

July 29, 2024

In "Hacking Tools"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.