Skip to content
Related Articles

Related Articles

DNSx – DNS Toolkit Allow To Run Multiple DNS Queries

Improve Article
Save Article
Like Article
  • Last Updated : 23 Aug, 2021

DNS Query is crucial in Penetration Testing. DNS Query, also known as DNS Request, demands data sent from a user’s system or DNS Client to DNS Server. In most cases, DNS Request is passed to ask for the IP address associated with a domain name. But we can customize DNS Requests as per our needs. To resolve DNS Queries, we have a tool named dnsx. dnsx tool is a Go language-based tool. dnsx is a fast and multi-purpose DNS toolkit that allows running multiple probes using a retryabledns library that will enable you to perform various DNS queries of your choice with a list of user-supplied resolvers that supports DNS wildcard filtering like shuffled.

Features of DNSx Tool

  1. It is handy and a straightforward utility to query DNS records.
  2. It has support to A,AAAA,CNAME,PTR,NS,MX,TXT,SOA.
  3. It also supports DNS Status code probing
  4. It has support for DNS Tracing.
  5. It handles wildcard subdomains in an automated way.
  6. It is open-source and free to use.
  7. It has support to Stdin and Stdout, which can work with other tools.

Installation of DNSx Tool on Kali Linux OS:

Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, use the following command.

go version

Step 2: Get the DNSx repository or clone the DNSx tool from Github, use the following command.

sudo GO111MODULE=on go get -v github.com/projectdiscovery/dnsx/cmd/dnsx

Step 3: Check the help menu page to get a better understanding of DNSx tool, use the following command.

dnsx -h

Working with DNSx Tool

Example 1: Filtering dead records from a list of passive subdomains

In this example, we will be collecting the subdomains associated with our target domain (geeksforgeeks.org) by filtering the dead records.

subfinder -silent -d geeksforgeeks.org | dnsx

In the below Screenshot, we are trying to open www.qa.geeksforgeeks.org which has a dead record. You can see that there is a connection issue as this subdomain has no longer access.

Example 2: Print A records for the given list of subdomains

In this example, we are collecting the Subdomains along with their a record. A record indicates the IP address of the Subdomain.

subfinder -silent -d geeksforgeeks.org | dnsx -silent -a -resp

Example 3: Extract A records for the given list of subdomains

In this example, we are Extracting or filtering IP addresses from subdomains or records.

subfinder -silent -d geeksforgeeks.org | dnsx -silent -a -resp-only

Example 4: Extract CNAME records for the given list of subdomains

In this example, we are Extracting CNAME records from the list of subdomains. The CNAME record is a type of DNS record that maps an alias name to a true or canonical domain name.

subfinder -silent -d geeksforgeeks.org | dnsx -silent -cname -resp

Example 5: Probe DNS Status code on a given list of subdomains

In this example, we will be collecting the information about the DNS Status Code Probe, in this, the status of each subdomain is displayed whether the subdomain has any issue or whether it has NO ERROR.

subfinder -silent -d geeksforgeeks.org | dnsx -silent -rcode noerror,servfail,refused

Example 6: Extract subdomains from given network range using PTR query

In this example, we are extracting Subdomains from a range of IP addresses of network range. In this example, we have provided the IP range of geeksforgeeks.org. PTR provides the domain name associated with an IP address. It’s oppositive to A record.

echo 34.218.62.116/24 | dnsx -silent -resp-only -ptr

Example 7: Wildcard filtering

In the below Screenshot, we have the list of subdomains of our target geeksforgeeks.org.

dnsx -l geeksforgeeeks.org_subdomains.txt -wd geeksforgeeks.org -o output.txt

In this example, we are handling the multi-level DNS-based wildcards which increase beyond a certain small threshold, it will check for wildcards on all the levels of the hosts for that IP iteratively.

In the below Screenshot, we have saved the output in the output.txt file using the -o flag.

So DNSx Tool is an excellent tool for querying DNS. You can use various tools along with this. In the above examples, we have used the SubFinder tool for getting the massive list of subdomains for our target. This list is provided to the DNSx tool for making DNS queries.


My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!