DNS
Domain Name System

IP/domain info, IP ranges:
$ whois [-h whois.example.com] example.com or 127.0.0.1

General:
$ dig [@dns.example.com] example.com [{any,a,mx,ns,soa,txt,...}]
$ dig -x 127.0.0.1 [+short] [+timeout=1]
Zone transfer:
$ dig axfr @dns.example.com example.com
$ for srv in `cat dns.txt`; do dig axfr "@$srv" example.com | grep "failed" > /dev/null 2>&1 || echo $srv; done

$ nslookup example.com [ns.example.com]
$ nslookup -type=ptr 127.0.0.1
$ nslookup
[> server dns.example.com]
> set q=mx
> example.com
$ nslookup
> set q=ptr
> 127.0.0.1

Check for open recursion (DNS amplification):
$ host facebook.com ns.example.com
$ dig +short @ns.example.com test.openresolver.com TXT
$ for srv in `cat dns.txt`; do dig +short @$srv test.openresolver.com TXT | grep "open-resolver-detected" && echo $srv; done
$ sudo nmap -Pn -sU -sV --script dns-recursion -iL dns.txt -p53
$ for srv in `cat dns.txt`; do sudo nmap -Pn -sU -sV --script dns-recursion $srv -p53 | grep "enabled" && echo $srv; done
msf > use auxiliary/scanner/dns/dns_amp
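
An added example, not part of the original page: the zone-transfer loop above uses a negative match on "failed", so any output without that word, including empty output, is counted as a success. This sketch classifies saved dig output by positive markers instead, for auditing name servers you operate; the function names and sample outputs are constructed.

```shell
#!/bin/sh
# Added example: classify dig output when auditing name servers you operate.
# Function names and the sample outputs below are constructed for illustration.

# Prints allowed / refused / unknown for `dig axfr` output read from stdin.
axfr_status() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -q '^;; XFR size:'; then
        echo allowed      # dig prints this summary only after a completed transfer
    elif printf '%s\n' "$out" | grep -q '^; Transfer failed'; then
        echo refused
    else
        echo unknown      # timeout, empty output, or other error: re-check by hand
    fi
}

# Succeeds if the response header in `dig` output on stdin has the "ra" flag.
recursion_available() {
    grep -Eq '^;; flags:[^;]* ra( |;)'
}

# Constructed samples (documentation addresses, not real captures).
SAMPLE_AXFR_OK='example.com. 3600 IN SOA ns1.example.com. admin.example.com. 1 7200 900 1209600 300
example.com. 3600 IN NS ns1.example.com.
www.example.com. 3600 IN A 192.0.2.10
example.com. 3600 IN SOA ns1.example.com. admin.example.com. 1 7200 900 1209600 300
;; XFR size: 4 records (messages 1, bytes 190)'
SAMPLE_AXFR_REFUSED=';; global options: +cmd
; Transfer failed.'
SAMPLE_AXFR_TIMEOUT=';; connection timed out; no servers could be reached'
SAMPLE_OPEN=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_CLOSED=';; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4243
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available'

for s in "$SAMPLE_AXFR_OK" "$SAMPLE_AXFR_REFUSED" "$SAMPLE_AXFR_TIMEOUT"; do
    printf 'axfr: %s\n' "$(printf '%s\n' "$s" | axfr_status)"
done
for s in "$SAMPLE_OPEN" "$SAMPLE_CLOSED"; do
    if printf '%s\n' "$s" | recursion_available; then echo 'recursion: available'
    else echo 'recursion: not available'; fi
done
```

In a real audit, pipe each server's dig output into these functions in place of the grep in the loops above, and treat "unknown" as a result to re-check rather than a pass.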
Last modified 9mo ago