DNScanner automates DNS and security reviews for domains, providing a robust CLI interface, interactive menu, and an importable Python module. It's designed to be efficient and versatile, offering quick scans and in-depth analysis, ensuring safety and accuracy while integrating smoothly into broader tools.
DNScanner is a comprehensive tool designed for automating DNS and security reviews of domains. Originally developed as a module for a larger OSINT and penetration testing framework, DNScanner can be utilized in three versatile ways:
- Command-Line Interface (CLI) - Use the
dnscannercommand orpython3 start.pyfor quick scans. - Interactive Menu - Run without arguments for a guided interface to facilitate various checks.
- Importable Python Module - Easily embed DNScanner into other tools, returning structured, JSON-serializable results.
Key Features
DNS and Resolution Checks
- Query various DNS records including A, AAAA, MX, NS, CNAME, TXT, SOA, and CAA.
- Perform thorough CAA and SOA parsing to assess Certificate Authority issuance policies and validate settings against RFC 1912.
- Execute reverse DNS lookups and obtain WHOIS/RDAP records with key fields neatly normalized for easy analysis.
- Implement IP geolocation to gather details about the country, city, and ISP/ASN.
- Discover subdomains through both active (concurrent and wildcard-aware) and passive (crt.sh/CT logs) methods.
Security Posture Assessments
- Evaluate email authentication mechanisms, including SPF, DMARC, and DKIM.
- Examine DNSSEC status for security verification of domain responses.
- Conduct zone transfer (AXFR) tests against nameservers.
- Analyze TLS certificates for issuer information, expiry countdown, and Subject Alternative Names (SANs).
- Inspect HTTP security headers and detect potential subdomain takeovers by comparing dangling CNAMEs to known service fingerprints.
- Ensure cross-platform TCP reachability without requiring root/ICMP access.
- All findings are properly tagged with severity levels (info/low/medium/high), accompanied by remediation suggestions and authoritative references from RFC or OWASP frameworks.
Additional Integration and Configuration
- Offers two configurable scan profiles:
standardfor fast, target-specific scans, andextendedfor more in-depth analysis with additional checks. - A persisted configuration file allows users to customize checks, options, and supply environment-specific API keys effortlessly.
- Supports output in JSON format, making it suitable for integration with other tools.
- Generate customizable reports in HTML or PDF format for easy sharing and documentation.
Example Usage
Command line examples demonstrate simplified syntax:
# Quick review of basic checks:
python3 start.py -d example.com
# Extended scan for comprehensive data:
python3 start.py -d example.com -S
# Individual checks:
python3 start.py -d example.com --email # Email checks
python3 start.py -d example.com --tls --http # TLS and HTTP security headers
Interactive Menu
For a guided experience, run DNScanner with no arguments;
python3 start.py
This brings up an interactive menu for tailored scans across various parameters including active/passive checks, reachability, and export options.
As a Library
To use DNScanner within Python scripts:
from DNScanner import DNScanner
result = DNScanner("example.com").scan(
checks=["records", "email", "dnssec", "tls", "http", "axfr"]
)
DNScanner is efficient, versatile, and user-friendly, making it an essential toolkit for security professionals engaged in domain assessments.
No comments yet.
Sign in to be the first to comment.