
dnsmap v0.30 is now out!

After working on dnsmap for a few months whenever time allowed, I decided there were enough additional goodies to make version 0.30 a new public release.

Let me just say that a lot of the bugs that have been fixed and features that have been added to this version would not have been possible without the feedback from great folks such as Borys Lacki (www.bothunters.pl), Philipp Winter (7c0.org) and meathive (kinqpinz.info).

Thanks guys, your feedback was highly valuable to me.

new features

Anyways, the following are some of the new features included:

  • IPv6 support
  • Makefile included
  • delay option (-d) added. This is useful in cases where dnsmap is killing your bandwidth
  • ignore IPs option (-i) added. This allows ignoring user-supplied IPs from the results. Useful for domains which cause dnsmap to produce false positives
  • changes made to make dnsmap compatible with OpenDNS
  • disclosure of internal IP addresses (RFC 1918) is reported
  • updated built-in wordlist
  • included a standalone three-letter acronym (TLA) subdomains wordlist
  • domains susceptible to “same site” scripting are reported
  • completion time is now displayed to the user
  • mechanism to attempt to bruteforce wildcard-enabled domains
  • unique filename containing timestamp is now created when no specific output filename is supplied by user
  • various minor bugs fixed
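
The RFC 1918 disclosure, "same site" scripting and ignore-IPs items above can also be checked against your own zone data. The following is an added example, not dnsmap's code: it flags hostname/IP pairs from a public zone that point at private or loopback addresses, assuming "same site" scripting means a public name resolving to loopback. The function names and sample records are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges (IPv4 only; the RFC does not cover IPv6).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(ip):
    """Return 'loopback', 'rfc1918' or 'public' for an ip_address object."""
    if ip.is_loopback:  # 127.0.0.0/8 or ::1
        return "loopback"
    if ip.version == 4 and any(ip in net for net in RFC1918):
        return "rfc1918"
    return "public"


def audit(records, ignore=()):
    """Flag (hostname, ip) pairs that leak internal or loopback addresses.

    ignore: IPs dropped from the results, e.g. a catch-all address that
    would otherwise produce false positives.
    """
    ignored = {ipaddress.ip_address(i) for i in ignore}
    findings = []
    for host, ip_text in records:
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((host, ip_text, "unparseable"))
            continue
        if ip in ignored:
            continue
        kind = classify(ip)
        if kind == "loopback":
            findings.append((host, ip_text, "same-site scripting risk"))
        elif kind == "rfc1918":
            findings.append((host, ip_text, "internal IP disclosed"))
    return findings


# Constructed sample records (made-up names, documentation ranges).
SAMPLE = [
    ("www.example.com", "192.0.2.10"),
    ("intranet.example.com", "10.20.30.40"),
    ("localhost.example.com", "127.0.0.1"),
    ("vpn.example.com", "172.31.255.1"),
    ("edge.example.com", "172.32.0.1"),   # just outside 172.16.0.0/12
    ("v6.example.com", "::1"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("%-24s %-14s %s" % finding)
```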

For those who have never used dnsmap, dnsmap is a command line tool originally released in 2006 which helps discover target subdomains and IP ranges during the initial stages of an infrastructure pentest. dnsmap is a passive(ish) discovery tool meant to be used before an actual active attack. It’s an alternative to other discovery techniques such as whois lookups, scanning large IP ranges, etc. Run dnsmap and you should be able to spot netblocks of a target organization in a relatively short period of time.

dnsmap is open source and is known to work on Linux, FreeBSD and Windows using Cygwin, although it has mostly been tested on Linux.

The major drawback is lack of multi-threading support, which I’m hoping will be included in the next public release. Life is busy these days, but I’ll try to spend some time on this project when time allows and inspiration is available!


One Response to “dnsmap v0.30 is now out!”

  1. DNSMap vs Fierce2 vs Metasploit (dns_enum) - R.T.F.M Vídeo | Coruja de TI says:

    [...] excellent explanatory video on how to use three tools for DNS security testing, DNSMap vs Fierce2 vs Metasploit [...]
