DNSrr is a tool created by A3h1nt, written in bash, used to enumerate all the juicy stuff from DNS records. Attackers sometimes cannot get to the real DNS address, because sysadmins usually put a CDN such as Cloudflare, Google CDN or StackPath in front to cover the DNS.
To get all the information it can from a DNS server, this tool uses different techniques such as:
- DNS Forward Bruteforce
- DNS Reverse Bruteforce
- DNS Cache Snooping
- DNS Zone Transfer
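From the defender's side, each of the four techniques listed above leaves a recognisable pattern in a name server's query log. The script below is an added example, not part of DNSrr or the original post; it assumes BIND-style query logging, and the zone name, IP addresses, threshold and log lines are all constructed for the demonstration.

```python
import re
from collections import defaultdict

# Assumed layout: BIND querylog, e.g. "client @0x.. IP#port (name): query: name IN TYPE +flags (server)"
LINE = re.compile(r"client (?:@\S+ )?(?P<ip>[^#\s]+)#\d+ \(\S+\): "
                  r"query: (?P<name>\S+) IN (?P<qtype>\S+) (?P<rd>[+-])")

def detect(log, zone, secondaries=(), threshold=3):
    """Return sorted (client_ip, technique) alerts for one batch of query-log lines."""
    fwd, rev, snoop = defaultdict(set), defaultdict(set), defaultdict(set)
    alerts = set()
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a query line
        ip, qtype = m["ip"], m["qtype"]
        name = m["name"].lower().rstrip(".")
        if qtype in ("AXFR", "IXFR"):
            if ip not in secondaries:          # transfer requested by a non-secondary
                alerts.add((ip, "zone-transfer"))
        elif qtype == "PTR":
            rev[ip].add(name)                  # many distinct PTR names: reverse sweep
        elif name == zone or name.endswith("." + zone):
            fwd[ip].add(name)                  # many distinct in-zone names: forward guessing
        elif m["rd"] == "-":
            snoop[ip].add(name)                # recursion not requested, foreign name: cache probe
    for label, seen in (("forward-bruteforce", fwd), ("reverse-bruteforce", rev),
                        ("cache-snooping", snoop)):
        alerts.update((ip, label) for ip, names in seen.items() if len(names) >= threshold)
    return sorted(alerts)

def _q(ip, name, qtype, flags):
    # Constructed sample line (not from a real server).
    return f"client @0x7f00 {ip}#5353 ({name}): query: {name} IN {qtype} {flags} (192.0.2.53)"

SAMPLE_LOG = "\n".join([
    _q("198.51.100.7", "example.com", "AXFR", "-T"),
    *[_q("198.51.100.7", f"{h}.example.com", "A", "+") for h in ("www", "mail", "dev")],
    *[_q("198.51.100.8", f"{i}.2.0.192.in-addr.arpa", "PTR", "+") for i in (1, 2, 3)],
    *[_q("198.51.100.9", n, "A", "-") for n in ("bank.test", "mail.test", "shop.test")],
    _q("192.0.2.10", "example.com", "AXFR", "-T"),      # configured secondary: allowed
    _q("203.0.113.5", "www.example.org", "A", "+"),     # ordinary recursive lookup
])

if __name__ == "__main__":
    # threshold=3 only suits this tiny sample; tune it to real traffic volumes.
    for ip, technique in detect(SAMPLE_LOG, "example.com", secondaries={"192.0.2.10"}):
        print(ip, technique)
```

Restricting zone transfers to known secondaries and refusing non-recursive queries from untrusted clients are the matching server-side controls; the script only shows what the attempts look like in the log.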
Install it using git:
git clone https://github.com/A3h1nt/Dnsrr
Start the tool:
——————- USAGE ——————
-z : Attempt Zone Transfer
    Syntax: ./dns.sh -z [Nameserver] [Domain Name]
-fb : Forward Lookup Bruteforce
    Syntax: ./dns.sh [Domain Name]
    Syntax: ./dns.sh [Domain Name] [Wordlist]
-rb : Reverse Lookup Bruteforce
    Syntax: ./dns.sh [Domain Name]
-cs : Perform DNS Cache Snooping
    Syntax: ./dns.sh [Name Server] [Wordlist]
-x : Explain A Particular Option
    Syntax: ./dns.sh -x [Option_Name]
————————————————
DNSrr supports five different options, including the one that explains the other four options. So, in case you don't know what a particular option does, you can simply use the -x option to understand the technique behind it.
# To explain zone transfer
./dnsrr -x z