How to use dnsenum in Kali Linux


DNSenum – This tool is programmed by perl. DNSenum is a tool that it was designed with the purpose of enumerating DNS information about a domain. We can get information by using dnsenum tool –
  • Get the host's addresse
  • Get the namservers
  • Get the MX record
  • Trying Zone Transfers
  • BIND Version
  • Get extra names and subdomains via google scraping
  • Brute force subdomains from file, can also perform recursion on subdomain that have NS records
  • Perform reverse lookups on netranges
  • Write to domain_ips.txt file ip-blocks

1.  How to open Dnsenum
   a. GUI method – Application → information Gathering → DNS Analysis → dnsenum
(click image for large view)

b. open terminal type dnsenum and hit enter kindly read all commands. This will make you more smart geeky.

2. In terminal type dnsenum domain and hit enter for ex- dnsenum facebook.com after pressing enter you will see all the information like Host’s Address, Name servers, MX , Zone transfer etc.
Note – do not add www. With domain

3. Extra names and subdomains via google scraping – most of time this is not working with all domains. Open Terminal and type dnsenum -p 5 -s 20 domain 
Ex - dnsenum -p 5 -s 20 facebook.com
Here - 
-p = pages
The number of google search pages to process when scraping names, the default is 20 pages, the -s switch must be specified.
-s = scrap
The maximum number of subdomains that will be scraped from google.
Notes: Since this is not functional you can manually run the command in a Google search: “allinurl: -www site:Domain name”

4. Brute force subdomains open terminal and type dnsenum -f dns.txt domain
Ex - dnsenum -f dns.txt facebook.com
Here -
-f, = file
Read subdomains from this file to perform brute force.
(click image for large view)
If you like my post please comment



Like it ? Share it.