Hacking Tutorials

Review of dnsx – a multi-purpose DNS toolkit Attribution link

DNSX is a fast and multi-purpose DNS toolkit that allows you to run multiple probes using a “retryable” library, which allows you to perform as many DNS queries of your choice with a list of user-supplied resolvers. allows. In addition to resolving domains, it has some notable flags such as respect only and response only that allow you to control and print the extracted information.

Dnsx Installation

Installing from Binary is the easiest way to install, download the pre-built binaries from the releases page. Download the binary which is compatible with your system. Extract them using tar and move the binary to your $PATH

tar -xvf dnsx-linux-amd64.tar

mv dnsx-linux-amd64 /usr/local/bin/dnsx

dnsx -h

The next two methods, require the latest go version install in your system. You can check the install version by using the command “go version“ if go is not installed you can follow this link to install the go.
Installing from Source

GO111MODULE=on go get -v github.com/projectdiscovery/dnsx/cmd/dnsx

Installing from Github

git clone https://github.com/projectdiscovery/dnsx.git

cd dnsx/cmd/dnsx

go build

mv dnsx /usr/local/bin/

dnsx -version

How DNSX Works
dnsx can be used to filter old records from the list of subdomains obtained from various sources.

dnsx -l domains.txt -o resolved.txt
Wildcard filtering

dnsx has the ability to handle multi-level DNS-based wildcards and do so with fewer DNS requests. Sometimes all the subdomains will resolve which will lead to lots of garbage in the results. The way dnsx handles this is it will keep track of how many subdomains point to an IP and if the count of the Subdomains increases beyond a certain threshold, it will check for wildcards on all hosts for that IP iteratively.

dnsx -l hackerone-subs.txt -wd hackerone.com -o output.txt -l:-

file contains unresolved domains/subdomains. -wd:-  Wildcard domain name for filtering. -o:-  File to write the output. dnsx -silent -retry 3 -t 5 -l domains.txt -wd domain_name -o resolved.txt -silent:- Show only results in the output. -retry:- Number of DNS retries. -t:- Concurrent threads to make. What Bunny rating does it get? The tools has some unique features which are not provided by the similar tools, we will be awarding this tool a rating of 4.5 out of 5 bunnies. Want to learn more about ethical hacking? We have a  networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE Do you know of another GitHub related hacking tool? Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.

One Response

Leave a Comment