
Backtrack 5 - DNSenum Information Gathering Tool

Information gathering is generally the first step of ethical hacking/penetration testing. You need to get the maximum information about the victim, because information is the key to success. We have previously discussed information gathering in detail with different tools and techniques such as Maltego, and for DNS information gathering we have discussed DNSmap.
Information is a weapon, so in this article I will explain how to get information from DNS.

For this purpose I will use DNSenum. It is available on Backtrack 5; if you are using some other distribution or version, you can install it, because it needs only Perl. This may be ActivePerl or Strawberry Perl, so you can run DNSenum on Windows too. You can get the following information by using DNSenum:

  • Host address
  • Name server
  • MX record 
  • Sub domains
  • Whois lookups
  • Reverse lookup for netblocks
  • Use of Google to help get the job done

DNSenum is a very important tool for performing a quick enumeration step in penetration testing.

Tutorial
For this tutorial I am using Backtrack; you can use some other distribution. If you are using Backtrack 5, you can get DNSenum by clicking on Applications–>Backtrack–>Information gathering–>Network analysis–>DNS analysis–>DNSenum
Looking at the script's options, you will see the choices available to you. It is very difficult to explain all of the options, but I will try my best to explain the most important ones. A simple scan can be started by just typing:

/pentest/enumeration/dns/dnsenum# ./dnsenum.pl website.com

/pentest/enumeration/dns/dnsenum# ./dnsenum.pl ehacking.net

For a more powerful scan, use:

/pentest/enumeration/dns/dnsenum# ./dnsenum.pl --enum google.com

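For an even more powerful scan that includes subdomains, pass a wordlist file with -f (here the dns.txt list that ships with DNSenum) and add -r to recurse into the subdomains that are found:

/pentest/enumeration/dns/dnsenum# ./dnsenum.pl --enum -f dns.txt -r google.com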
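
Seen from the defender's side, the wordlist scan with -f shows up in DNS logs as one client asking for many different names under a zone in a short time, most of them answered NXDOMAIN. The following is an added example, not part of the original article or of DNSenum, that flags this pattern; the five-field log format, the thresholds, the zone example.test and the addresses are all constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample lines in an assumed format: "<epoch> <client> <qname> <qtype> <rcode>".
# Real resolver or dnstap output has to be mapped to these five fields first.
WORDS = ["www", "mail", "ftp", "vpn", "dev", "test", "admin", "portal", "ns1", "ns2",
         "smtp", "webmail", "intranet", "staging", "api", "git"]
LIVE = {"www", "mail", "ns1", "ns2"}  # names that exist in the constructed zone
SAMPLE_LOG = [
    "1700000000 192.0.2.10 www.example.test. A NOERROR",
    "1700000030 192.0.2.10 mail.example.test. MX NOERROR",
] + [
    f"{1700000100 + i} 198.51.100.7 {w}.example.test. A "
    f"{'NOERROR' if w in LIVE else 'NXDOMAIN'}"
    for i, w in enumerate(WORDS)
]

def parse(line):
    """Split one log line into (ts, client, qname, qtype, rcode); None if malformed."""
    parts = line.split()
    if len(parts) != 5 or not parts[0].isdigit():
        return None
    ts, client, qname, qtype, rcode = parts
    return int(ts), client, qname.lower().rstrip("."), qtype.upper(), rcode.upper()

def find_bruteforce(lines, zone, window=60, min_names=10, min_nx_ratio=0.5):
    """Return {client: (distinct_names, nx_ratio)} for clients that, inside any
    `window` seconds, query at least min_names distinct names under `zone`
    while at least min_nx_ratio of those answers are NXDOMAIN."""
    zone = zone.lower().rstrip(".")
    recent = defaultdict(deque)  # client -> (ts, qname, rcode) inside the window
    flagged = {}
    for ts, client, qname, _qtype, rcode in sorted(filter(None, map(parse, lines))):
        if not qname.endswith("." + zone):
            continue
        q = recent[client]
        q.append((ts, qname, rcode))
        while q and q[0][0] <= ts - window:  # drop entries older than the window
            q.popleft()
        names = {n for _, n, _ in q}
        nx = sum(1 for _, _, r in q if r == "NXDOMAIN") / len(q)
        if (len(names) >= min_names and nx >= min_nx_ratio
                and len(names) > flagged.get(client, (0, 0.0))[0]):
            flagged[client] = (len(names), round(nx, 2))  # keep the widest burst seen
    return flagged

if __name__ == "__main__":
    for client, (names, nx) in find_bruteforce(SAMPLE_LOG, "example.test").items():
        print(f"{client}: {names} distinct names in 60s, NXDOMAIN ratio {nx}")
```

The thresholds need tuning against normal traffic for the zone, since shared resolvers and monitoring systems can also query many names quickly.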

I hope you enjoy using DNSenum.

Ehacking Staff