Dnsdumpster a tool to perform DNS, MX, NS Lookup

Repository and source code

Rationale

There are many projects out there that both in github and online that offer dns manage and dumping of dns data. But we at https://www.nmmapper.com wanted to unify lot of python tools out there that perform dns recon so that we can host it online. Like we did unify and host 8 subdomain finder tools.

Our approach to this tool is to dump as match information about a given host as possible. The tool is still in development and we continue to add more features on it.

Dnsdumpster setups

1
2
3
4
git clone https://github.com/wangoloj/dnsdumpster.git
pip3 install -r requirements.txt
#
# This should be done inside python virtualenv

Dnsdumpster will dump

The following are the kind of information that dnsdumpster will be able to dump given a domain.

  • Subdomains
  • MX
  • TXT
  • Server Detection
  • Web application firewall(WAF)
  • Geo locate physical location of IP
  • ASN Detection

We are doing what ever we can to dump more information.

Dumping subdomains

After cloning into your virtualenv and installing the required

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
(www.dnsdumpster.net) $python3 dnsdumpster.py -d nmmapper.com
Starting dns dump against nmmapper.com
Searching using engine DNSdumpster
Searching using engine Netcraft
Searching using engine Virustotal
Searching using engine ThreatCrowd
Searching using engine SSL Certificates
Could not initialize connection to a1.nmmapper.com
Could not initialize connection to a1.nmmapper.com
Could not initialize connection to a2.nmmapper.com
Could not initialize connection to a2.nmmapper.com
Could not initialize connection to clk.nmmapper.com
Could not initialize connection to clk.nmmapper.com
Could not initialize connection to upstream.d.nmmapper.com
Could not initialize connection to upstream.d.nmmapper.com
.....
{
 "asn": null,
 "host": "nmmapper.com",
 "mx": "mx1.privateemail.com.",
 "ns": [
     {
         "ip": "173.245.59.170",
         "ns": "gordon.ns.cloudflare.com."
     },
     {
         "ip": "173.245.58.56",
         "ns": "adi.ns.cloudflare.com."
     }
 ],
 "server": "cloudflare",
 "subdomains": [
     {
         "asn": {
             "asn": "13335",
             "asn_cidr": "104.24.96.0/20",
             "asn_country_code": "US",
             "asn_date": "2014-03-28",
             "asn_description": "CLOUDFLARENET - Cloudflare, Inc., US",
             "asn_registry": "arin"
         },
         "geo": {
             "city": "Ashburn",
             "country": "US",
             "ip_address": "104.24.103.134",
             "latitude": 39.0437192,
             "longitude": -77.4874899,
             "region": "Virginia"
         },
     },
 "txt": [],
 "waf": "Cloudflare (Cloudflare Inc.)"
 }

Domain dnsmapping

TODO

Indices and tables