DNS Lookup (forward) Back

Security related information and use within the scope of pentesting


Description

Forward DNS lookup describes the process of finding the IP address related to a given domain an user enters via e.g. the URL-bar of a browser. Forward DNS lookup is commonly used on the Internet because it's easier to remember domain names instead IP addresses [1].


Datasets

Rapid7 provides different datasets containing DNS responses of all forward DNS names known by Rapid7's Project Sonar. This information can be very useful when doing Reconnaissance on a target and e.g. hunting for subdomain takeover vulnerabilities [2]. The data is GZIP compressed containing name, type, value and timestamp of any returned records for a given name in JSON format (size: 24.5 GB).

[email protected]st:~/DLL$ pigz -dc 2018-08-25-1535232149-fdns_cname.json.gz | grep '"value":"target'
{"timestamp":"1535236656","name":"2016.ylsuccesssummit.com","type":"cname","value":"target.clickfunnels.com"}
{"timestamp":"1535237435","name":"2017.animalwellnesssummit.com","type":"cname","value":"target.clickfunnels.com"}
{"timestamp":"1535236699","name":"2017.conversionworld.co","type":"cname","value":"target.clickfunnels.com"}
{"timestamp":"1535237249","name":"2017.target-training.eu","type":"cname","value":"target-training.eu"}

Source: https://opendata.rapid7.com/sonar.fdns_v2