Skip to content

Latest commit

 

History

History
216 lines (144 loc) · 8.02 KB

README.md

File metadata and controls

216 lines (144 loc) · 8.02 KB

Dnsbruter - Asynchronous DNS Bruteforcing Tool

Dnsbruter

Dnsbruter is a lightweight, fast, and smooth asynchronous DNS brute-forcing and fuzzing tool designed for penetration testers, ethical hackers, and anyone conducting active attack surface reconnaissance. This tool helps you discover subdomains and identify vulnerabilities in it.

GitHub last commit GitHub release (latest by date) GitHub license LinkedIn

V1.0.6 Features:


  • Improved Speed & Efficiency: Significantly faster and smoother DNS brute-forcing with lightweight resource usage.
  • Memory & Resource Management: Optimized to handle large-scale DNS scans without consuming excessive system resources.
  • Flexible Input: Supports both stdin and file-based domain lists for DNS brute-forcing.
  • Concurrency Control: Rate limiting and concurrency management to ensure stable performance under heavy loads.
  • JSON Output: Option to save scan results in a structured JSON format for easy integration with other tools.

Installation:

Dnsbruter can be installed quickly using various methods, including pip, pipx, and Docker. Choose the method that best suits your environment.

pip Installation

Ensure you have pip installed with the latest version of Python:

pip install --break-system-packages git+https://github.com/RevoltSecurities/Dnsbruter.git

pipx Installation

For isolated Python environments, you can use pipx:

pipx install git+https://github.com/RevoltSecurities/Dnsbruter.git

Docker Installation

For Docker-based environments, build the Docker image using:

git clone https://github.com/RevoltSecurities/Dnsbruter.git && cd Dnsbruter
sudo docker build -t dnsbruter .

Docker Usage:

sudo docker run --rm -it -v /path/to/wordlist.txt:/opt/wordlist.txt -v $(pwd):/output dnsbruter -d google.com -w /opt/wordlist.txt --output /output/test.txt

Usage

To use Dnsbruter, execute the following command to display help options:

dnsbruter -h

This will show you the following available options:

dnsbruter -h
       __                    __                     __               
  ____/ /   ____    _____   / /_    _____  __  __  / /_  ___    _____
 / __  /   / __ \  / ___/  / __ \  / ___/ / / / / / __/ / _ \  / ___/
/ /_/ /   / / / / (__  )  / /_/ / / /    / /_/ / / /_  /  __/ / /    
\__,_/   /_/ /_/ /____/  /_.___/ /_/     \__,_/  \__/  \___/ /_/     
                                                                     

                    - RevoltSecurities


[DESCRIPTION]: dnsbruter is a powerfull tool for asynchronous dns brutforcing and fuzzing with wildcard detection

[Usage]: 

    dnsbruter [options]
    
[OPTIONS]: 

    [INPUT]:
    
            -d,     --domain               string   : domain name for resolving subdomains.
            -dL,    --domain-list          string   : text file contains domain name for dns bruteforcing.
            -w,     --wordlist             string   : wordlist path for dnsbruter.
            
    [CONFIG]:
        
            -rl,    --resolver             string   : filename contains list of resolvers (default: system config).
            -v,     --versbose             command  : increase the verbosity of output.
            -wd,    --wildcard-detect      command  : enable to detect wildcards for found domains.
            -ov,    --override             command  : enable to skip the domain verification and this is not applies to when used BRUT in domain.
            
    [RATE-LIMIT]: 
        
            -c,     --concurrency            int    : number of concurrency value for dns bruteforcing.             
            -wt,    --wildcard-threds        int    : number of threads values for wildcard detections.
            -rt,    --rate-limit             int    : number of rate limits of DNS queries per second (default: 2000).
            -wrt,   --wildcard-ratelimit     int    : number of rate limits for wild card detection (default: 2000).
            -dl,    --delay                  int    : specify a delay seconds between concurrent DNS quries (default: 1).
            
    [UPDATES]: 
    
            -up,    --updates              command  : updates the Dnsbruter for latest version (required: pip to be installed). 
            -dc,    --disable-check        command  : disable updates check for dnsbruter.
            
    [OUTPUT]: 
    
            -o,     --output               string   : filename to save the scans outputs. 
            -ws,    --wildcard-output      string   : filename to save the found wildcard domains.
            -j,     --json                 command  : enables to display and save output in json format.
            
    [DEBUG]: 
    
            -h,     --help                 command  : shows this help message and exits.
            -s,     --silent               command  : only shows essetial outputs and avoid other info.

Features of Dnsbruter:

Dnsbruter is a powerful asynchronous DNS brute-forcing and fuzzing tool, built for penetration testers and security researchers. It allows you to brute-force valid subdomains and fuzz any portion of a domain name. The tool is highly concurrent and performs well even in resource-constrained environments like low-end VPSs.

1. Single Domain Input:

Brute-force a single domain and check for valid subdomains using the -d flag.

Command Syntax:

dnsbruter -d <domain>

Example:

dnsbruter -d google.com

Explanation:

  • Dnsbruter will attempt to resolve subdomains of google.com.
  • It checks for valid subdomains and accounts for wildcard DNS records to ensure the results are accurate.

2. Brute-force with Fuzzing (BRUT Input):

Fuzz a specific part of the domain by replacing it with the BRUT keyword.

Command Syntax:

dnsbruter -d <domain_with_BRUT>

Example:

dnsbruter -d adminBRUT.google.com

Explanation:

  • The tool will replace the BRUT keyword with different values, such as admin123, adminxyz, etc.
  • This method is used for fuzzing and discovering hidden subdomains or alternate domain configurations.



3. Brute-force Domains from a File:

Use the -dL flag to read a list of domains from a file and attempt to brute-force subdomains or fuzz them.

Command Syntax:

dnsbruter -dL <file_with_domains>

Example:

dnsbruter -dL domains.txt

Explanation:

  • Each line in the file should contain a single domain name.
  • Dnsbruter will process each domain and attempt brute-force or fuzzing as specified.

4. Passing Domains via Stdin:

You can also pass domains via stdin to integrate Dnsbruter into your scripts or tools.

Command Syntax:

echo "<domain>" | dnsbruter -d -

Example:

echo "example.com" | dnsbruter -d -

Explanation:

  • This allows you to pipe domain names dynamically into Dnsbruter from other tools or scripts.

About:

Dnsbruter is an open-source tool for security researchers and cybersecurity professionals involved in security assessments and information gathering. It is designed to assist in active DNS enumeration. We encourage contributions from the open-source community to improve Dnsbruter and keep it up-to-date. If you find this tool helpful, please show your support by giving ⭐ to the repository.