|DNSMAP Tutorial KYB 3 Hackingloops|
- Obtain all A records (i.e. IP addresses) associated to each successfully brute forced sub domain, rather than just one IP address per sub domain.
- Abort the brute forcing process in case the target domain uses wildcards.
- Ability to be able to run the tool without providing a word list by using a built-in list of keywords.
- Brute forcing by using a user-supplied word list (as opposed to the built-in word list).
- Saving the results in human-readable and CSV format for easy processing.
- Improved built-in subdomains wordlist.
- New bash script (dnsmap-bulk.sh) included which allows running Dnsmap against a list of domains from a user-supplied file. i.e.: brute forcing several domains in a bulk fashion.
- Bypassing of signature-based Dnsmap detection by generating a proper pseudo-random sub domain when checking for wildcards (Unique Feature).
|DNSMAP Tutorial – 1|
|DNSMAP Tutorial – 2|
|DNSMAP Tutorial – 3|
Input file to use for brute force
Export results as text format
Save files as csv format
Maximum delay (in ms) between 2 DNS lookups(default: 10 ms)
Useful if you’re obtaining false positives
./dnsmap google.com -w yourwordlist.txt -r /tmp/domainbf_results.txt
./dnsmap google.com -r /tmp/ -d 3000
./dnsmap google.com -r ./subdomainbruteforce_results.txt
That’s all friends. If you have any queries ask us in form of comments. Feel free to contact us and Happy Learning.