pugDNS : Revolutionizing DNS Query Speed And Accuracy For Advanced Networking Needs

pugDNS is an experimental, high-performance DNS query tool designed to facilitate fast and accurate bulk DNS lookups.

It leverages AF_XDP (Address Family eXpress Data Path) sockets to achieve significantly higher query rates compared to traditional DNS tools.

This makes it particularly useful for security researchers, network administrators, and penetration testers involved in DNS reconnaissance and domain discovery tasks.

Key Features

• High Performance: pugDNS uses AF_XDP sockets to directly inject DNS queries into the L2 layer of the kernel, bypassing the traditional network stack. This results in faster bandwidth and lower latency compared to other tools.
• Experimental eBPF Support: It includes beta support for receiving DNS packets using an eBPF filter, enhancing its capabilities for network packet handling.
• Accuracy and Speed: Benchmarks show that pugDNS is significantly faster than popular alternatives like massdns, zdns, and dnsx. It achieved 100% accuracy in tests with a large domain wordlist.

In benchmarks conducted on a server with a 1Gbit/s port, pugDNS outperformed other tools:

• 3.3x faster than massdns
• 12.5x faster than zdns
• 29.6x faster than dnsx

These benchmarks highlight pugDNS’s potential for handling large-scale DNS queries efficiently.

Currently, pugDNS requires using tools like tcpdump to capture responses, as it does not handle this internally.

Future developments aim to address this limitation by adding support for sniffing DNS responses directly.

Other planned features include support for AF_XDP raw sockets and handling multiple nameservers and subdomains files as input.

To use pugDNS, users can clone the repository from GitHub and build it using Go:

bashgit clone https://github.com/c3l3si4n/pugdns
go generate && go build
./pugdns

The project credits the slavc/xdp library for its AF_XDP functionality in Go.

pugDNS offers a promising solution for those needing high-speed DNS query capabilities. While still in development, its performance advantages make it a tool worth considering for large-scale DNS reconnaissance tasks.