
DNSrr
DNSrr is a tool created by A3h1nt, written in bash, used to enumerate all the juicy stuff from DNS records. Attacker sometimes cannot bypass the real DNS address because sysadmin usually use CDN like Cloudflare, Google CDN, StackPath and etc, to cover the DNS.
This tool uses different techniques like:
- DNS Forward Bruteforce
- DNS Reverse Bruteforce
- DNS Cache Snooping
- DNS Zone Transfer
To get you all the information that you can get, from a DNS server.
Installation
Install it using git
git clone https://github.com/A3h1nt/Dnsrr
Start the tool
./dnsrr.sh –help
Usage
——————- USAGE ——————
-z : Attempt Zone Transfer
Syntax: ./dns.sh -z [Nameserver] [Domain Name]
-fb : Forward Lookup Bruteforce
Syntax: ./dns.sh [Domain Name]
Syntax: ./dns.sh [Domain Name] [Wordlist]
-rb : Reverse Lookup Bruteforce
Syntax: ./dns.sh [Domain Name]
-cs : Perform DNS Cache Snooping
Syntax: ./dns.sh [Name Server] [Wordlist]
-x : Explain A Particular Option
Syntax: ./dns.sh -x [Option_Name]
————————————————
DNSrr supports five different options, including the one that explains the other four options. So just incase you don’t know what a particular option is doing, you can simply use -x
option, to understand the technique behind it.
Example:
# To explain zone transfer
./dnsrr -x z
Sample Execution
Zone Transfer

Forward Lookup Bruteforce
