
DNSProbe is a tool built on top of retryabledns that allows you to perform multiple DNS queries of your choice with a list of user-supplied resolvers.
Features
- Simple and Handy utility to query DNS records.
Usage
dnsprobe -h
This will display help for the tool. Here are all the switches it supports.
Flag | Description | Example |
---|---|---|
-c | Max dns retries (default 1) | dnsprobe -c 5 |
-l | List of dns domains (optional) | dnsprobe -l domains.txt |
-r | Request Type A, NS, CNAME, SOA, PTR, MX, TXT, AAAA (default "A") | dnsprobe -r A |
-s | List of resolvers (optional) | dnsprobe -s resolvers.txt |
-t | Number of concurrent requests to make (default 250) | dnsprobe -t 500 |
-f | Output type: ip, domain, response, simple (domain + ip, default), full (domain + response), json (domain + raw response) | dnsprobe -f json |
-o | Output file (optional) | dnsprobe -o result.txt |
Installation Instructions
From Source
dnsprobe requires go1.13+ to install successfully. Run the following command to get the repo -
GO111MODULE=on go get -u -v github.com/projectdiscovery/dnsprobe
In order to update the tool, you can use -u flag with go get command.
Querying host for a record
To query a list of domains, you can pass the list via stdin.
> cat domains.txt | dnsprobe
root@test:~# cat bc.txt | dnsprobe
bounce.bugcrowd.com 192.28.152.174
blog.bugcrowd.com 104.20.4.239
blog.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.4.239
events.bugcrowd.com 54.84.134.174
Querying host for CNAME record
> dnsprobe -l domains.txt -r CNAME
root@test:~# dnsprobe -l bc.txt -r CNAME
forum.bugcrowd.com bugcrowd.hosted-by-discourse.com.
collateral.bugcrowd.com bugcrowd.outrch.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com.
researcherdocs.bugcrowd.com ssl.readmessl.com.
docs.bugcrowd.com ssl.readmessl.com.
This will run the tool against domains in domains.txt
and returns the results. The tool uses the resolvers specified with -s option to perform the queries or default system resolvers.
Querying CNAME records on the Subfinder output
> subfinder -d bugcrowd.com -silent | dnsprobe -r cname
[email protected]:~# subfinder -d bugcrowd.com -silent | dnsprobe -r cname
forum.bugcrowd.com bugcrowd.hosted-by-discourse.com.
docs.bugcrowd.com ssl.readmessl.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com.
researcherdocs.bugcrowd.com ssl.readmessl.com.
collateral.bugcrowd.com bugcrowd.outrch.com.
proxilate.bugcrowd.com proxilate.a.bugcrowd.com.
License
DNSProbe is made with ???? by the projectdiscovery team.
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky
Subscribe
0 Comments