RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
Amass
Jul 20, 2023
In-depth DNS enumeration
The OWASP Amass project is focused on DNS enumeration and network infrastructure mapping techniques. These techniques include obtaining subdomain names by scraping web pages, accessing web APIs, recursive brute forcing, crawling web archives, permuting/altering names, reverse DNS sweeping, and querying ASNs and netblocks associated with IP addresses. The information collected during an enumeration is used to build a network map of an organization’s presence on the Internet.
Amass reaches out to over 30 passive data sources to learn about the DNS namespace of a target domain. By default, Amass validates all the names by performing DNS queries across a pool of resolver servers, which spreads out the activity generated by the enumeration. For all IP addresses collected during this process, Amass queries for associated netblocks and ASNs. As additional data sources become available to provide visibility of the Internet, implementations can quickly be developed within Amass due to the simple interfaces worked into the design.
Checkout these related ports:
- Zonenotify - DNS notify sender written in C
- Zonecheck - Perform consistency checks on DNS zones
- Zkt -
- Yandex-ddns - Use Yandex DNS as a dynamic DNS provider
- Yadifa - Authoritative nameserver with DNSSEC capabilities
- Wrapsrv - DNS SRV record command line wrapper
- Whoseip - Get information about IP addresses country code and network
- Wdns - Low-level DNS library
- Walker - Recover zone file information from servers that use DNSSEC
- Void-zones-tools - Prepare a list of void zones that can be readily fed into Unbound
- Vizone - Updates the serial number in one or more zonefiles
- Vhostcname - Synchronize DNS with server names and aliases from Apache vhost
- Utdns - Proxy UDP/DNS to TCP/DNS
- Updatedd - Dynamic DNS Update Client supporting multiple services
- Unbound - Validating, recursive, and caching DNS resolver