DNSRecon is a python script used for DNS information gathering. DNS information about a target is an essential requirement for every penetration tester. DNS information helps in mapping the network infrastructure of the target host. DNSRecon is a DNS reconnaissance tool that can perform a variety of enumerations, such as standard record enumeration, Zone transfer, Reverse lookup, Google lookup, Zone walking, cache snooping, and Domain Brute-Forcing. In the standard record enumeration, DNSRecon fetches record like SOA, SRV, DNSSec, and MX record.
DNSRecon Installation
DNSRecon can be cloned from github resources using the following command.
git clone https://github.com/darkoperator/dnsrecon
DNSRecon requires dnspython, netaddr, and lxml packages to function properly. These packages can be installed by using the following command.
pip install –r requirements.txt
DNSRecon Reconnaissance
Once successfully installed, DNSRecon can be executed from the terminal by running the dnsrecon.py file from the DNSRecon directory folder.
The following command can be used to see all the available options that can be used for DNS reconnaissance.
python dnsrecon.py
In order to check the standard record of any domain, run the following command.
./dnsrecon.py –d <target domain>
By running the above command, the tool looks for DNSSec, SOA, SRV, and MX record. DNSSec is a security extension that is used to secure the information associated with the DNS. DNSRecon finds if DNSSec is configured for the target domain. SOA record provides administrative information like DNS zone information. SRV helps in identifying domain controllers for active directories. Similarly, MX record provides information regarding the mail servers.
To check if the target domain is vulnerable to zone transfer, the following command can be used.
./dnsrecon.py –d <target domain> -t axrf
Reverse IP lookup can be performed by adding the –s flag to the command in the following manner.
./dnsrecon.py –d <target domain> -s
Similarly, we can perform domain brute-forcing, cache snooping, zone walking, and other tasks by adding the appropriate arguments in the respective commands.
What Bunny rating does it get?
