of bob218
Before we get to know dnsmap, we need to know what the Domain Name System and a subdomain are. A Domain Name System (DNS) server resolves a query for a domain name into an IP address and, vice versa, an IP address into a domain name.
dnsmap Overview: dnsmap is intended primarily to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration phase, the security consultant would typically discover IP netblocks, domain names, phone numbers, etc.
Subdomain brute-forcing is another technique that should be used in the enumeration phase; it is especially useful when other domain enumeration techniques, such as zone transfers, do not work.
What can we find after using dnsmap?
1. Find interesting remote access servers.
2. Find badly configured and/or unpatched servers.
3. Find new domain names that will allow you to map non-obvious/hard to find network blocks.
4. Sometimes it turns out that some brute-forced subdomains resolve to internal IP addresses.
5. Discover embedded devices configured using dynamic DNS services.
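Seen from the defender's side, the subdomain brute-forcing described above shows up on the authoritative DNS server as a burst of queries for names that do not exist. The following is an added example, not part of the original post or of dnsmap: a small detector over a constructed query log, where the log layout, the thresholds and the function names are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: "ISO-time client qname rcode". The layout is assumed for
# this example; adapt parse() to your server's real query/response log.
SAMPLE_LOG = """\
2024-05-01T10:00:00 198.51.100.7 www.example.com NOERROR
2024-05-01T10:00:01 203.0.113.50 admin.example.com NXDOMAIN
2024-05-01T10:00:01 203.0.113.50 vpn.example.com NXDOMAIN
2024-05-01T10:00:02 203.0.113.50 mail.example.com NOERROR
2024-05-01T10:00:02 203.0.113.50 test.example.com NXDOMAIN
2024-05-01T10:00:03 203.0.113.50 dev.example.com NXDOMAIN
2024-05-01T10:00:03 203.0.113.50 ftp.example.com NXDOMAIN
2024-05-01T10:00:04 203.0.113.50 intranet.example.com NXDOMAIN
2024-05-01T10:00:09 198.51.100.7 wwww.example.com NXDOMAIN
2024-05-01T10:00:10 198.51.100.7 mail.example.com NOERROR
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:  # skip malformed lines
            ts, client, name, rcode = parts
            yield datetime.fromisoformat(ts), client, name.lower().rstrip("."), rcode

def detect_bruteforce(log, zone, window=timedelta(seconds=60), min_names=5, min_nx=0.8):
    """Map client -> most distinct NXDOMAIN names seen under `zone` in one window."""
    per_client = defaultdict(list)
    for ts, client, name, rcode in parse(log):
        if name.endswith("." + zone):
            per_client[client].append((ts, name, rcode))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            win = events[start:end + 1]
            nx = [n for _, n, r in win if r == "NXDOMAIN"]
            # Many distinct missing names plus a high miss ratio = wordlist guessing
            if len(set(nx)) >= min_names and len(nx) / len(win) >= min_nx:
                flagged[client] = max(flagged.get(client, 0), len(set(nx)))
    return flagged

if __name__ == "__main__":
    print(detect_bruteforce(SAMPLE_LOG, "example.com"))
```

A zone with a wildcard record answers every guessed name with NOERROR, so this NXDOMAIN-based check will not fire there; counting distinct queried names per client is the fallback in that case.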