Supercharge Your Recon: Introducing Resolvalid – The Blazing Fast DNS Resolver Validator Built in Go + Video

By /

Listen to this Post

Featured Image

Introduction:

In the high-stakes world of cybersecurity reconnaissance, speed and reliability are non-negotiable. DNS resolvers are the backbone of subdomain enumeration, web probing, and service discovery, but using slow or unreliable servers creates critical bottlenecks in automation pipelines. Recognizing this pain point, security researcher Martín Martín developed Resolvalid, a concurrent Go tool designed to rapidly parse, validate, and output a clean list of working DNS resolvers. By focusing on single-threaded efficiency and parallel processing, this utility ensures that your infrastructure scanning tools like `httpx` and `shuffledns` are always running at peak performance with a curated list of responsive servers.

Learning Objectives:

  • Understand the critical role of fast, reliable DNS resolvers in reconnaissance automation.
  • Learn how to install, configure, and integrate Resolvalid into a security workflow.
  • Master the art of combining Resolvalid with popular penetration testing tools for enhanced subdomain brute-forcing.

You Should Know:

1. Installing and Running Resolvalid on Linux

This Go-based tool allows you to validate DNS resolvers with unmatched speed, leveraging Go’s native concurrency. Whether you feed it a local file, a remote URL, or use its built-in list, the output is a streamlined list of functioning servers.

Step‑by‑step guide for Linux (Debian/Ubuntu):

  1. Install Go: Ensure Go is installed on your system. 
    sudo apt update && sudo apt install golang-go -y
go version

  2. Install Resolvalid: Use the `go install` command to fetch and build the tool.

    go install github.com/martinm91/resolvalid@latest

Ensure your `$GOPATH/bin` is in your system’s `PATH`.

  1. Basic Usage – Validate from a local list: Create a list of potential DNS resolvers and validate them.

    Create a sample list (e.g., from public DNS providers)
echo "8.8.8.8\n1.1.1.1\n208.67.222.222\n8.8.4.4\n4.4.4.4" > dns-list.txt

Run resolvalid against the file
resolvalid -i dns-list.txt -o valid-resolvers.txt

  2. Using a URL as Input: Resolvalid can directly fetch a list from the internet.

    resolvalid -u https://raw.githubusercontent.com/trickest/resolvers/main/resolvers.txt -o fresh-resolvers.txt

What this does: The tool performs a DNS query (typically for google.com) against each resolver concurrently. If a resolver returns a valid response within the timeout, it is considered “valid” and written to the output file.

2. Integrating Resolvalid with Windows (PowerShell)

While Resolvalid is a Linux/Go native tool, you can easily run it on Windows using the Go binary or WSL. Here’s how to integrate it into a Windows-based recon workflow using PowerShell.

Step‑by‑step guide for Windows:

  1. Install Go on Windows: Download the installer from `golang.org` and follow the setup instructions.
  2. Install Resolvalid: Open PowerShell as Administrator and run: 
    go install github.com/martinm91/resolvalid@latest
  3. Generate a list of potential resolvers: You can use PowerShell to scrape public lists. 
    Invoke-WebRequest -Uri "https://public-dns.info/nameservers.txt" -OutFile "resolvers_raw.txt"

4. Validate with Resolvalid:

resolvalid.exe -i resolvers_raw.txt -o windows_valid.txt

3. Turbocharging Subdomain Brute-Forcing with `shuffledns`

The real power of Resolvalid is unlocked when its output is piped into high-performance DNS brute-forcing tools. `shuffledns` by projectdiscovery is a perfect example.

Step‑by‑step guide for Linux:

1. Install shuffledns:

go install -v github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest

2. Generate a valid resolver list:

resolvalid -u https://raw.githubusercontent.com/trickest/resolvers/main/resolvers.txt -o live-resolvers.txt

3. Run a mass DNS resolution:

 Assuming you have a subdomain wordlist (subs.txt) and a domain (example.com)
shuffledns -d example.com -list subs.txt -r live-resolvers.txt -o found-subdomains.txt

What this does: Instead of relying on a single, potentially rate-limited DNS server, `shuffledns` distributes the queries across the hundreds of validated resolvers in live-resolvers.txt, drastically increasing the speed and success rate of subdomain discovery.

  1. Advanced Validation: Checking for Recursion and Amplification (Educational)
    A commenter on the original post suggested adding recursion testing and amplification ratio measurement. While Resolvalid focuses on speed, you can manually verify these properties for educational purposes using `dig` (Linux/macOS).

Step‑by‑step guide for Linux:

  1. Test for Open Recursion: An open resolver responds to queries for domains it doesn’t own. 
    dig @8.8.8.8 google.com A +recurse
If you get an answer, recursion is desired (for public resolvers). For security testing, you look for servers that shouldn't be open.

  2. Measure Amplification Factor: This checks if a resolver can be used in a DDoS attack.

    Send a small query and measure the response size.
dig @1.1.1.1 isc.org ANY +dnssec +bufsize=512 +ignore
Use 'tcpdump' or Wireshark to see the request/response size.

    Warning: Only test this on servers you own or have permission to test.

5. Leveraging Resolvers for Web Probing with `httpx`

Once you have valid subdomains, you need to check for live web servers. `httpx` relies heavily on fast DNS resolution.

Step‑by‑step guide:

1. Install httpx:

go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest

2. Use validated resolvers for probing:

cat found-subdomains.txt | httpx -title -status-code -tech-detect -resolvers live-resolvers.txt

What this does: This command uses your curated list of fast resolvers (live-resolvers.txt) to resolve each subdomain before making an HTTP connection. This prevents DNS timeouts from slowing down your web server discovery and fingerprinting.

  1. Building Your Own Simple Resolver Validator in Go (Code Snippet)
    To understand the concurrency model, here is a minimalist version of the concept in Go.
package main

import (
"bufio"
"flag"
"fmt"
"net"
"os"
"sync"
"time"
)

func main() {
inputFile := flag.String("i", "", "File with DNS servers")
outputFile := flag.String("o", "valid.txt", "Output file")
flag.Parse()

file, _ := os.Open(inputFile)
scanner := bufio.NewScanner(file)
var resolvers []string
for scanner.Scan() {
resolvers = append(resolvers, scanner.Text())
}
file.Close()

var wg sync.WaitGroup
valid := make(chan string, len(resolvers))

for _, r := range resolvers {
wg.Add(1)
go func(server string) {
defer wg.Done()
r := &net.Resolver{
PreferGo: true,
Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
d := net.Dialer{Timeout: time.Millisecond  500}
return d.DialContext(ctx, "udp", server+":53")
},
}
_, err := r.LookupHost(context.Background(), "google.com")
if err == nil {
valid <- server
}
}(r)
}

go func() {
wg.Wait()
close(valid)
}()

output, _ := os.Create(outputFile)
defer output.Close()
for v := range valid {
fmt.Fprintln(output, v)
}
}

What this does: This script reads a list of IPs, tests each one in a goroutine (concurrently) by performing a DNS lookup for google.com, and writes the successful ones to an output file. This is the core engine of tools like Resolvalid.

What Undercode Say:

  • Efficiency in Automation: The key takeaway from Resolvalid is that in security automation, every millisecond counts. Validating upstream infrastructure like DNS resolvers is not just a preparatory step; it’s a force multiplier that ensures subsequent tools operate at their maximum potential, reducing false negatives caused by timeouts.
  • The Go Advantage: Martín’s choice of Go highlights a trend in modern security tooling. Go’s lightweight concurrency model allows for handling thousands of network connections simultaneously without the overhead of traditional threading, making it the ideal language for building high-performance network scanners and validators.

Prediction:

As reconnaissance automation becomes more sophisticated, we will see a shift from simple validation to “intelligent resolver scoring.” Future tools will not only test if a resolver is live but will also profile its latency, geographic location, and response integrity over time. This will enable “adaptive resolution,” where a scanning tool dynamically selects the fastest or most appropriate resolver for a given target domain, further optimizing the speed and stealth of large-scale security assessments.

▶️ Related Video (78% Match):

🎯Let’s Practice For Free:

IT/Security Reporter URL:

Reported By: Martinmarting I – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeTesting & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky

Related Posts: