DNSProbe is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

April 17, 2020
(470 views)

DNSProbe is a tool built on top of retryabledns that allows you to perform multiple DNS queries of your choice with a list of user-supplied resolvers.

Features

  • Simple and Handy utility to query DNS records.

Usage

dnsprobe -h

This will display help for the tool. Here are all the switches it supports.

Flag Description Example
-c Max dns retries (default 1) dnsprobe -c 5
-l List of dns domains (optional) dnsprobe -l domains.txt
-r Request Type A, NS, CNAME, SOA, PTR, MX, TXT, AAAA (default "A") dnsprobe -r A
-s List of resolvers (optional) dnsprobe -s resolvers.txt
-t Number of concurrent requests to make (default 250) dnsprobe -t 500
-f Output type: ip, domain, response, simple (domain + ip, default), full (domain + response), json (domain + raw response) dnsprobe -f json
-o Output file (optional) dnsprobe -o result.txt

Installation Instructions

From Source

dnsprobe requires go1.13+ to install successfully. Run the following command to get the repo -

GO111MODULE=on go get -u -v github.com/projectdiscovery/dnsprobe

In order to update the tool, you can use -u flag with go get command.

Querying host for a record

To query a list of domains, you can pass the list via stdin.

> cat domains.txt | dnsprobe

root@test:~# cat bc.txt | dnsprobe
bounce.bugcrowd.com 192.28.152.174
blog.bugcrowd.com 104.20.4.239
blog.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.5.239
www.bugcrowd.com 104.20.4.239
events.bugcrowd.com 54.84.134.174

Querying host for CNAME record

> dnsprobe -l domains.txt -r CNAME

root@test:~# dnsprobe -l bc.txt -r CNAME
forum.bugcrowd.com bugcrowd.hosted-by-discourse.com.
collateral.bugcrowd.com bugcrowd.outrch.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com.
researcherdocs.bugcrowd.com ssl.readmessl.com.
docs.bugcrowd.com ssl.readmessl.com.

This will run the tool against domains in domains.txt and returns the results. The tool uses the resolvers specified with -s option to perform the queries or default system resolvers.

Querying CNAME records on the Subfinder output

> subfinder -d bugcrowd.com -silent | dnsprobe -r cname

root@b0x:~# subfinder -d bugcrowd.com -silent | dnsprobe -r cname
forum.bugcrowd.com bugcrowd.hosted-by-discourse.com.
docs.bugcrowd.com ssl.readmessl.com.
go.bugcrowd.com mkto-ab270028.com.
ww2.bugcrowd.com bugcrowdinc.mktoweb.com.
researcherdocs.bugcrowd.com ssl.readmessl.com.
collateral.bugcrowd.com bugcrowd.outrch.com.
proxilate.bugcrowd.com proxilate.a.bugcrowd.com.

License

DNSProbe is made with ???? by the projectdiscovery team.


More: https://github.com/projectdiscovery/dnsprobe

(470 views)
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.