DNSEnum
Introduction
The information gathering is useful to get ports and vulnerabilities into a website and Kali Linux has tools that you can use them. Today, I will show you a tool called dnsenum where you can test a website and get information from them
DNSENUM
Firstly, we’ll see what’s dsnenum, which is a perl script to enumerate DNS information of a domain and to discover non-contiguous IP blocks.
You can install it using the next command:
sudo apt install dnsenum
Now, we will open our terminal as root and insert the command dnsneum followed by an IP address or DNS.
Dnsenum will get information about the DNS, which you can see a list of IP Addresses and subdomains which are related to the website.
Firstly, it will show you host´s addresses, main servers and Main Servers.
Also, you can see Zone Transfers and Bind versions to see more subdomains and servers where you can find vulns. In the next image we use other domain only to show you how looks the result.
Dnsenum default also use brute forcing to get more host addresses, subdomains and nameservers.
Include dnsenum can get the netranges of servers where the IP´s are listed. You can use this information to see how works the network into the server that you are testing.
Lastly, dnsenum will perform reverse lookup IP addresses and IP blocks where it will show you like this.
Conclusion
Dnsenum is a very useful and powerful tool for information gathering, you can get vulns into a website where it will show you Host addresses and subdomains related to the host as well as network information about netranges. If you wanted to start in information gathering for web pentesting, dnsenum is a good option for you.
If you enjoy my content and would like to help me take this project to the next level, you can become a member by donating a monthly subscription. Your support will help me continue to create high-quality content. Thank you for your generosity!
If donating is not possible for you at this time, no problem at all! Your support in sharing my project and spreading the word is greatly appreciated. I will continue to create and share my work regardless, and I am grateful for your encouragement and interest.
If you want to support me you can check my main Medium Profile and see all the articles! Follow and support it!. This are the link:
This is the YouTube channel of my malware development team, we need your subscription and your support
Thanks to read this :)
S12.