DNS
Domain Name System - Port 53
Enumeration
Resolve the IP with nslookup
Start nslookup
nslookup
Specify the
DNS
server:
server 10.10.10.10
Now, query for the given IP address, looking up its
DNS
records:
10.10.10.10
Check Transfer Zones
If
DNS
is running overTCP
try a zone transfer:
dig axfr HOST.NAME @10.10.10.29
Bruteforce DNS Hostname
nmap -Pn -script=dns-brute domain.com
Whois Query
By nmap
nmap -script whois* domain.com
Banner Grab
nmap -n -p<PORT> --script dns-nsid <IP>
Last updated