Ethical Hacker Tip: DNS Enumeration with dnsmap

By /

Listen to this Post

DNS enumeration is a critical phase in penetration testing and ethical hacking, helping identify potential targets within a domain. One powerful tool for this task is dnsmap, available in Kali Linux, BackBox, Parrot OS, and other Debian/CentOS-based systems.

Installation:

For Debian/Ubuntu/Kali:

sudo apt install dnsmap

For CentOS/RHEL:

sudo yum install dnsmap

Basic Usage:

To capture output effectively:

script dnscap_domainname.txt 
dnsmap <domainname.com> 
exit

All discovered hostnames will be saved in `dnscap_domainname.txt`.

Advanced Options:

View all available options:

dnsmap -h

Some useful flags:

  • -w <wordlist>: Use a custom wordlist.
  • -r <output_file>: Save results to a file.
  • -c <csv_output>: Export results in CSV format.

You Should Know:

1. Using Custom Wordlists

Enhance DNS brute-forcing with a custom wordlist:

dnsmap target.com -w /usr/share/wordlists/dnsmap.txt -r results.txt

2. Automating DNS Enumeration

Combine `dnsmap` with `bash` for automated scanning:

for domain in $(cat domains.txt); do dnsmap $domain -r $domain_dns_results.txt; done

3. Integrating with Other Tools

Pass `dnsmap` results to `nmap` for further scanning:

cat dnscap_domainname.txt | grep "IP" | cut -d " " -f 4 | sort -u | xargs -I {} nmap -sV -p 80,443 {}

4. DNS Recon with dig & host

Cross-validate findings with:

dig A <subdomain.target.com> 
host <subdomain.target.com>

5. Logging All DNS Queries

For deeper analysis, log all DNS traffic:

tcpdump -i eth0 -w dns_traffic.pcap port 53

What Undercode Say:

DNS enumeration is a foundational step in reconnaissance, exposing hidden subdomains that may lead to vulnerabilities. Combining `dnsmap` with tools like nmap, dig, and automated scripts enhances efficiency. Always ensure proper authorization before scanning.

For further reading:

Expected Output:

dnscap_domainname.txt containing discovered subdomains: 
mail.target.com → 192.168.1.10 
admin.target.com → 192.168.1.20 
dev.target.com → 192.168.1.30

References:

Reported By: Activity 7317550717399949312 – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: