search
githubEdit

Domain Name System (DNS)

hashtag
Port: 53

hashtag
1) Nmap scan

nmap --script dns-brute,dns-nsid,dns-recursion,dns-zone-transfer -p 53 IP

hashtag
2) AD Domain enumeration via DNS

nmap -p 53 --script "dns-nsid,dns-srv-enum" IP

hashtag
3) Zone Transfer

dig axfr domain.local @IP

hashtag
4) Retrieve all records

dig ANY domain.local @IP

hashtag
5) Query any records

nslookup
> server DNS_IP
> set type=any
> domain.local

hashtag
6) Reverse lookup

PreviousExposed Docker Registry Penetration TestingNextExposed Github Repositories Dumping

Last updated