Dnsmap- DNS Network Mapper

Information is very important for performing penetration testing, on a vary first step ethical hackers/penetration tester try to get the maximum information about the target.
The steps required for information gathering or footprinting has been discussed on earlier article click here to read.
After all there are some automatic tools present to gather the information and these tools also help out to map the victim network by using their officials websites.In this article we will cover about DNSMAP.

Dnsmap is a passive network mapper and normally known as subdomain brute forcer, it originally released on 2006, it used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. Dnsmap is a open source and tested on linux based operating system although it can be used on FreeBSD and windows plate form by using Cygwin, dnsmap was included in Backtrack 2, 3 and 4

Key Features
  • IPv6 support
  • Makefile included
  • delay option (-d) added. This is useful in cases where dnsmap is killing your bandwidth
  • ignore IPs option (-i) added. This allows ignoring user-supplied IPs from the results. Useful for domains which cause dnsmap to produce false positives
  • changes made to make dnsmap compatible with OpenDNS
  • disclosure of internal IP addresses (RFC 1918) are reported
  • updated built-in wordlist
  • included a standalone three-letter acronym (TLA) subdomains wordlist
  • domains susceptible to “same site” scripting are reported
  • completion time is now displayed to the user
  • mechanism to attempt to bruteforce wildcard-enabled domains
  • unique filename containing timestamp is now created when no specific output filename is supplied by user
  • various minor bugs fixed

DNSMAP Tutorial

After downloading extract it now open terminal and go on the place where you have extract dnsmap and follow these steps:
  • Type   gcc dnsmap.c -o dnsmap    or  g++ dnsmap.c -o dnsmap make sure you have installed C compiler  
  • After this make it executable type chmod +x dnsmap 
  • And than run it by typing ./dnsmap domain.com 

$ dnsmap baidu.com
dnsmap 0.22 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for baidu.com using built-in wordlist

IP address #1:

IP address #1:

IP address #1:

Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...