Cyber security

pugDNS : Revolutionizing DNS Query Speed And Accuracy For Advanced Networking Needs

pugDNS is an experimental, high-performance DNS query tool designed to facilitate fast and accurate bulk DNS lookups.

It leverages AF_XDP (Address Family eXpress Data Path) sockets to achieve significantly higher query rates compared to traditional DNS tools.

This makes it particularly useful for security researchers, network administrators, and penetration testers involved in DNS reconnaissance and domain discovery tasks.

Key Features

  • High Performance: pugDNS uses AF_XDP sockets to directly inject DNS queries into the L2 layer of the kernel, bypassing the traditional network stack. This results in faster bandwidth and lower latency compared to other tools.
  • Experimental eBPF Support: It includes beta support for receiving DNS packets using an eBPF filter, enhancing its capabilities for network packet handling.
  • Accuracy and Speed: Benchmarks show that pugDNS is significantly faster than popular alternatives like massdns, zdns, and dnsx. It achieved 100% accuracy in tests with a large domain wordlist.

In benchmarks conducted on a server with a 1Gbit/s port, pugDNS outperformed other tools:

  • 3.3x faster than massdns
  • 12.5x faster than zdns
  • 29.6x faster than dnsx

These benchmarks highlight pugDNS’s potential for handling large-scale DNS queries efficiently.

Currently, pugDNS requires using tools like tcpdump to capture responses, as it does not handle this internally.

Future developments aim to address this limitation by adding support for sniffing DNS responses directly.

Other planned features include support for AF_XDP raw sockets and handling multiple nameservers and subdomains files as input.

To use pugDNS, users can clone the repository from GitHub and build it using Go:

bashgit clone https://github.com/c3l3si4n/pugdns
go generate && go build
./pugdns

The project credits the slavc/xdp library for its AF_XDP functionality in Go.

pugDNS offers a promising solution for those needing high-speed DNS query capabilities. While still in development, its performance advantages make it a tool worth considering for large-scale DNS reconnaissance tasks.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolspugDNS
10 months ago

Recent Posts

How AI Puts Data Security at Risk

Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…

4 weeks ago

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

4 weeks ago

The Evolution of Online Finance Tools In a Tech-Driven World

In an era defined by technological innovation, the way people handle and understand money has…

4 weeks ago

A Complete Guide to Lenso.ai and Its Reverse Image Search Capabilities

The online world becomes more visually driven with every passing year. Images spread across websites,…

4 weeks ago

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

2 months ago

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

2 months ago