Review of dnsx – a multi-purpose DNS toolkit

Dnsx is a fast and multi-purpose DNS toolkit that allows you to run multiple probers using the “retryabledns” library, which allows you to perform multiple DNS queries of your choice with a list of user-supplied resolvers.

Other than resolving domains, it has few notable flags like resp and resp-only that allow you to control and print extracted information.

Dnsx Installation

Installing from Binary is the easiest way to install, download the pre-built binaries from the releases page. Download the binary which is compatible with your system. Extract them using tar and move the binary to your $PATH.

tar -xvf dnsx-linux-amd64.tar
mv dnsx-linux-amd64 /usr/local/bin/dnsx
dnsx -h

The next two methods, require the latest go version install in your system. You can check the install version by using the command “go version“ if go is not installed you can follow this link to install the go.

Installing from Source

GO111MODULE=on go get -v github.com/projectdiscovery/dnsx/cmd/dnsx

Installing from Github

git clone https://github.com/projectdiscovery/dnsx.git 
 dnsx/cmd/dnsx
go build
mv dnsx /usr/local/bin/
dnsx -version

How DNSX Works

dnsx can be used to filter old records from the list of subdomains obtained from various sources.

dnsx -l domains.txt -o resolved.txt

Wildcard filtering

dnsx has the ability to handle multi-level DNS-based wildcards and do so with fewer DNS requests. Sometimes all the subdomains will resolve which will lead to lots of garbage in the results. The way dnsx handles this is it will keep track of how many subdomains point to an IP and if the count of the Subdomains increases beyond a certain threshold, it will check for wildcards on all hosts for that IP iteratively.

dnsx -l hackerone-subs.txt -wd hackerone.com -o output.txt
  • -l:- file contains unresolved domains/subdomains.
  • -wd:-  Wildcard domain name for filtering.
  • -o:-  File to write the output.
dnsx -silent -retry 3 -t 5 -l domains.txt -wd domain_name -o resolved.txt
  • -silent:- Show only results in the output.
  • -retry:- Number of DNS retries.
  • -t:- Concurrent threads to make.

What Bunny rating does it get?

The tools has some unique features which are not provided by the similar tools, we will be awarding this tool a rating of 4.5 out of 5 bunnies.

Want to learn more about ethical hacking?

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

Do you know of another GitHub related hacking tool?

Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.

Related posts

BruteDum- A network attack bruteforce tool

MHDDoS – A DDoS Attack Script With Over 50 Different Methods

A Review of DNS Enumeration Tool: DNSEnum