dnswalk

Information Gathering > DNS > dnswalk

Before I jump into, I have to admit, that I'm not expert in DNS. This tool can do DNS zone transfers. This means that we can request, and download the whole DNS database of a domain to our machine. Of course this doesn't work in most the cases, cause it usually not permitted on the server, however it's really a legit DNS function. Other than that it also runs a couple of consistency checks.

Usage: dnswalk domain
domain MUST end with a '.'
root@bt:/pentest/enumeration/dns/dnswalk# ./dnswalk --help
./dnswalk version [unknown] calling Getopt::Std::getopts (version 1.05 [paranoid]),
running under Perl version 5.10.0.

Usage: dnswalk [-OPTIONS [-MORE_OPTIONS]] [--] [PROGRAM_ARG1 ...]

The following single-character options are accepted:
        With arguments: -D
        Boolean (without arguments): -r -f -i -a -d -m -F -l

Options may be merged together.  -- stops processing of options.
Space is not required between options and their arguments.
  [Now continuing due to backward compatibility and excessive paranoia.
   See ``perldoc Getopt::Std'' about $Getopt::Std::STANDARD_HELP_VERSION.]
Usage: dnswalk domain
domain MUST end with a '.'
root@bt:/pentest/enumeration/dns/dnswalk#

Its help is not too informative regarding the options, but we can find a pretty good article about them here:

http://www.aldeid.com/index.php/Dnswalk