Categories

Share

Home Tutorial DNS Enumeration with DNSENUM To Find DNS Servers

DNS Enumeration with DNSENUM To Find DNS Servers

Tutorial By · April 3, 2023 · 0 Comment
DNS Enumeration DNSENUM Techhyme

DNS enumeration is the process of discovering all the DNS records associated with a particular domain or hostname. The purpose of DNS enumeration is to gather information about the target system that can be used in a variety of ways, including reconnaissance, vulnerability assessment, and penetration testing.

There are various tools and techniques that can be used for DNS enumeration, including:

  • DNS zone transfer: This technique involves requesting a copy of the DNS zone file from the target DNS server. This can be done using tools like Dig or NSLookup.
  • Reverse DNS lookup: This technique involves looking up the hostname associated with a particular IP address. This can be done using tools like Dig or NSLookup.
  • Brute-force DNS enumeration: This technique involves guessing subdomains or hostnames associated with the target domain. This can be done using tools like Fierce, Sublist3r, or Knock.
  • Google Hacking: This technique involves using Google search operators to find DNS records related to the target domain. This can be done using the Google search engine.

DNS enumeration can reveal valuable information about the target system, such as IP addresses, hostnames, and mail servers. This information can be used to map out the target network and identify potential vulnerabilities. However, it is important to note that DNS enumeration can also be used for malicious purposes, so it should only be done with proper authorization and in a responsible manner.

Dnsenum is a popular open-source tool used for DNS enumeration. It is a command-line tool that can be used to gather information about DNS records associated with a particular domain or hostname. The tool uses a variety of techniques, including zone transfers, brute-force, and reverse DNS lookups to enumerate DNS records.

Here are some of the features of Dnsenum:

  1. Zone transfers: Dnsenum can perform a DNS zone transfer to gather all the DNS records associated with the target domain. This is done by requesting a copy of the DNS zone file from the target DNS server.
  2. Brute-force: Dnsenum can perform a brute-force DNS enumeration to guess subdomains or hostnames associated with the target domain. It can use a wordlist or dictionary to generate possible domain names.
  3. Reverse DNS lookup: Dnsenum can perform a reverse DNS lookup to find the hostname associated with a particular IP address.
  4. Output formats: Dnsenum can output the results of the DNS enumeration in different formats, including plain text, CSV, XML, and HTML.

Dnsenum is a powerful tool that can be used for DNS reconnaissance and information gathering. However, it should be used responsibly and only with proper authorization. It is also important to note that some DNS servers may be configured to block zone transfers, so this technique may not always be effective.

Enumeration With Default Settings

When you run the following command with options, it automatically takes the default values i.e. -threads 5 -s 15 -w

Command: dnsenum -enum <example.com>

DNS Enumeration

Enumeration of Sub-domain using Brute force (Custom File)

You can create a custom wordlist or dictionary file by adding domain names or keywords related to the target domain. For example, if the target domain is facebook.com, you can create a wordlist that includes keywords like “dev”, “prod”, “up”, “ctscan” and so on.

DNS Enumeration

When you run the below command, it performs brute force search on subdomains along with the custom file passed (file.txt) as an attribute.

Command: dnsenum -f <file.txt> -r <example.com>

DNS Enumeration

Once the tool has finished running, you can analyze the results. The output section (Brute forcing with file.txt) will contain a list of subdomains that were discovered during the enumeration process.

DNS Enumeration

You may also read:

Related Posts

How To Reload Your Logstash Configuration File Automatically

Tutorial By · April 23, 2023 · 0 Comment
Logstash Techhyme
Logstash is an open-source data processing tool that allows users to collect, transform, and store data from a variety of sources. It is commonly used as part of the ELK stack (Elasticsearch, Logstash, and Kibana) for centralized logging and data... Read more

[Kali Linux] Live Host Identification with Netdiscover

Tutorial By · April 3, 2023 · 0 Comment
Netdiscover Live Host Identification Kali Linux techhyme
Netdiscover is a network discovery tool used to detect hosts and services on a local area network (LAN). It sends ARP requests to the network and then listens for responses from hosts on the network. Netdiscover can be used to... Read more

SSH Enumeration and Penetration Testing – A Brief Guide

Tutorial By · March 15, 2023 · 0 Comment
SSH Enumeration and Testing Techhyme
SSH (Secure Shell) is a network protocol used for secure remote access to a computer system. It is a cryptographic network protocol that provides a secure channel between two networked devices, allowing secure communication over an unsecured network such as... Read more

How to Install Winlogbeat in Windows OS

Tutorial By · March 3, 2023 · 0 Comment
Winlogbeat installation techhyme elasticsearch logstash
Winlogbeat is a lightweight log shipper that monitors Windows event logs and forwards them to various destinations. In this article, we’ll walk you through the steps to install and configure Winlogbeat on a Windows system. Also Read: Installation of Elasticsearch,... Read more

[Tutorial] How to Install MobSF on Kali Linux 2022.1

Linux By · February 24, 2023 · 0 Comment
MobSF stands for Mobile Security Framework. It is an open-source, automated mobile application security testing tool that helps developers, security researchers, and testers to identify security vulnerabilities in mobile applications. MobSF supports both Android and iOS platforms and can perform... Read more

How To Install Jenkins on Ubuntu Machine

Linux By · February 24, 2023 · 0 Comment
Jenkins Install Ubuntu Techhyme
Jenkins is an open-source automation server that helps automate parts of the software development process such as building, testing, and deploying software. It can be used to automate any task that can be scripted or run via a command-line interface.... Read more

[Tutorial] How To Install Webmin in Ubuntu

Linux By · February 22, 2023 · 0 Comment
webmin installation ubuntu techhyme
Webmin is a web-based interface that allows users to manage Unix-like systems. It provides a graphical user interface (GUI) that makes it easier to manage system configurations, users, services, and more. With Webmin, users can manage various system components, such... Read more

How to Install Apache Tomcat on Ubuntu Machine

Linux By · February 14, 2023 · 0 Comment
Apache Tomcat Install Ubuntu Techhyme
Apache Tomcat is an open-source Java-based web application server that is designed to run Java servlets and JavaServer Pages (JSPs). It is developed and maintained by the Apache Software Foundation and is widely used as a production-level web server for... Read more

A Step-by-Step Guide to Installing the LAMP Stack on Ubuntu

Linux By · February 13, 2023 · 0 Comment
LAMP Stack Ubuntu Techhyme
LAMP is an acronym that stands for Linux, Apache, MySQL, and PHP. It refers to a software stack that is used for building dynamic websites and web applications. The components of the LAMP stack are: Linux: A free and open-source... Read more

Find OS Version with 5 Different Methods in Windows PowerShell

Tutorial By · February 7, 2023 · 0 Comment
Find OS Version with Windows Powershell Techhyme
Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language. It was first released in 2006 and it is built on top of the .NET framework. PowerShell allows system... Read more

Leave a Reply