Description: Target enumeration plays a key role in penetration testing. Dnsrecon is one of the information gathering tool which enumerates the information regarding the target dns.. In this video i am using dnsrecon tool which is been programmed in python. Even there is also other dnsrecon tool available in ruby and you can have quick look at the video through this link. http://vimeo.com/6807644.
Dnsrecon performs the following operations
=====> Finds NS, SOA, and MX records
=====> Execution of zone transfer on each and every NS server
=====> enumarates most common SRV records for a given domain.
=====> Performs Reverse Lookup
=====> Top level domain expansion
Commands used in this video
1 ./dnsrecon.py -d google.com
2 ./dnsrecon.py -t std -d google.com
3 ./dnsrecon.py -t tld -d google.com
4 ./dnsrecon.py -t std -d google.com -s
5 ./dnsrecon.py -t axfr -d iitk.ac.in
6 ./dnsrecon.py -t std -d google.com -w
Command Description
This command Performs general enumeration on the target domain.
===============> ./dnsrecon.py -d google.com
Doing a standard query for obtaining dns records
===============> ./dnsrecon.py -t std -d google.com
Gets the information on Top level domain
===============> ./dnsrecon.py -t tld -d google.com
Expansion of SPF Records
===============> ./dnsrecon.py -t std -d google.com -s
Zone Transfer
===============> ./dnsrecon.py -t axfr -d iitk.ac.in
Integrating Whois:
===============> ./dnsrecon.py -t std -d google.com -w
Tags: st-tools , tools , dnsrecon , information-gathering , securitytube.net ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
You are planning to cover all dns tool first ?
@Moksha we are planning to cover all the tools based on tool category.
Thats nice! please go ahead.
Fantastic Chaitanya. Please Cover all the tools which are listed in ST TOOLS SITE :)
The Zone Transfer bug has been fixed, seems that the bug report email must had been lost somehow since I do not find any report for it in my inbox for the email shown in the help section nor in my GitHub. There where several parts not covered like the Metasploit import plugin, the parser tool, output formats in XML, SQLite and CSV, Whois Integration and DNSSEC ZoneWalks. I will update the Wiki in the GitHub project with more examples and installation for Windows and Python 3.2. Thanks for the review and hope you find the tool useful.
@Darkoperator We have used maximum subset of the options of every tool and we will be developing other options to each and every tool. Kindly bring notice to us on usage of the tools. so that we can make better videos with maximum number of options.