Dnsmap- DNS Network Mapper

Information is very important for performing penetration testing, on a vary first step ethical hackers/penetration tester try to get the maximum information about the target.
The steps required for information gathering or footprinting has been discussed on earlier article click here to read.
After all there are some automatic tools present to gather the information and these tools also help out to map the victim network by using their officials websites.In this article we will cover about DNSMAP.

Dnsmap is a passive network mapper and normally known as subdomain brute forcer, it originally released on 2006, it used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. Dnsmap is a open source and tested on linux based operating system although it can be used on FreeBSD and windows plate form by using Cygwin, dnsmap was included in Backtrack 2, 3 and 4

Key Features
  • IPv6 support
  • Makefile included
  • delay option (-d) added. This is useful in cases where dnsmap is killing your bandwidth
  • ignore IPs option (-i) added. This allows ignoring user-supplied IPs from the results. Useful for domains which cause dnsmap to produce false positives
  • changes made to make dnsmap compatible with OpenDNS
  • disclosure of internal IP addresses (RFC 1918) are reported
  • updated built-in wordlist
  • included a standalone three-letter acronym (TLA) subdomains wordlist
  • domains susceptible to “same site” scripting are reported
  • completion time is now displayed to the user
  • mechanism to attempt to bruteforce wildcard-enabled domains
  • unique filename containing timestamp is now created when no specific output filename is supplied by user
  • various minor bugs fixed

DNSMAP Tutorial

After downloading extract it now open terminal and go on the place where you have extract dnsmap and follow these steps:
  • Type   gcc dnsmap.c -o dnsmap    or  g++ dnsmap.c -o dnsmap make sure you have installed C compiler  
  • After this make it executable type chmod +x dnsmap 
  • And than run it by typing ./dnsmap domain.com 

$ dnsmap baidu.com
dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for baidu.com using built-in wordlist

IP address #1:

IP address #1:

IP address #1:

Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...