-
-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNS Information Recon (Deep dive) #1
Labels
item-collector-passive
New Item-Collector (Passive)
new-item
New Item
task
This is a regular task for Redjoust
Milestone
Comments
kawaiipantsu
added
enhancement
New feature or request
question
Further information is requested
item-collector-passive
New Item-Collector (Passive)
labels
Mar 12, 2022
kawaiipantsu
added
new-item
New Item
task
This is a regular task for Redjoust
and removed
enhancement
New feature or request
question
Further information is requested
labels
Mar 12, 2022
Forgotten to add DMARC on the list. So this is added after MX and before SPF. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
item-collector-passive
New Item-Collector (Passive)
new-item
New Item
task
This is a regular task for Redjoust
DNS Information Recon (Deep dive)
Item condition criteria: Target must be a host/domain name
Item gather type: Passive
Use 'system' DNS or config provided DNS servers for lookup
ie. Public or Private DNS server for lan lookup etc...
DNS Zone Transfer
target
'Lookup '
target
' SOA #13Lookup '
target
' NSNS
server(s) to IPLookup '
target
' addressesA, AAAA, CNAME
DNS Fuzz (simple array only)
A, AAAA, CNAME
)(etc:
www
,www1
,www2
,ftp
,mail
,ns
,ns1
,ns2
,admin
,blog
,admin
,firewall
,gw
,exchange
,owa
,jira
,wiki
,serec
,beta
,test
,sso
,login
,portal
,intranet
,files
,srv
,srv1
,ad
,dl
,download
,server
,archive
,backup
,bak
,support
,tracker
,srv2
,cdn
,vdi
,vpn
,citrix
,vmware
,git
,svn
,code
,vnc
,ingress
,k8s
,kube
,kubenetes
,cloud
,cluster
,mon
,monitor
,grafana
,dashboard
,ldap
,autodiscover
,sip
,web
,snmp
,auth
,ha
,elb
,vm
,hyper
,hyperv
,vcenter
,vami
,psc
,vcsa
,cam
,camera
,dvr
,nvr
,cctv
,sec
,security
,api
,apis
,mq
,mqtt
,queue
,iot
,db
,database
,mysql
,db2
,oracle
,tomcat
)host-fuzz
'.'target
'Lookup '
target
' MXMX
server(s) to IPLookup '
target
' DMARCLookup special records of interest
target
'include:
directives(etc:
domainkey
,dmarc
,host
,salt
,info
,contact
,abuse
,spf
,mail
,smb
,ad
,bgp
,peer
,dyn
,ip
,vlan
,vlanif
,cpe
,peer-as
,dynamic
,static
,customer
,a1
,a10
,a100
,link
,ldn
,nto
,tcore
,tcore1
,tcore2
,sv
,sv1
,sv2
,sql
,eql
,dhcp
,net
,edge
,cidr
,as
,as1
,as2
,ospf
,igp
,egp
,rules
,mail
,local
,config
,pref
,conf
,cfg
)target
'txt-fuzz
'.'target
'_
'txt-fuzz
'.'target
'(etc:
ldap
,kerberos
,caldav
,caldavs
,carddav
,carddavs
,sip
,xmpp-server
,xmpp-client
,ftp
,finger
,ssh
,telnet
,ntp
,nntp
,http
,https
,idb
,db
,smtp
,h323cs
,h323ls
,h323rs
,sips
,federation
,sipfederationtls
,pexapp
,xmpp
,cuplogin
,cisco-phone-tftp
,bgp
,cisco-phone-http
,ciscowtp
,pcoip-bootstrap
,daap
,irc
,printer
,ipp
,pdl-datastream
,riousbprint
,ipp-printer
,dicom
,avaya-ep-config
,gc
,kpasswd
,smb
,wins
,netbios
,nfs
,dns
,rip
,nat
,stun
,snmp
,syslog
,splunk
,dhcp
,trunk
,socks
,proxy
,socks5
,tor
,edge
,gw
,elb
,ha
,kafka
,casandra
,mysql
,postgresql
,nosql
,db2
,oracle
)target
'_
'service-fuzz
'._tcp
.'target
'_
'service-fuzz
'._udp
.'target
'_
'service-fuzz
'._tls
.'target
'_
'service-fuzz
'._tcp.dc._msdcs
.'target
'target
'www
.'target
'mail
.'target
'target
'Flag
into human readableProtocol
into human readableAlgorithm
into human readableValidation token fingerprinting
Match:
google-site-verification=(<hash>)
Match:
ms=(<hash>)
Match:
mscid=(<hash-base64>)
Match:
facebook-domain-verification=(<hash>)
Match:
_globalsign-domain-verification=(<hash>)-(<hash>)
Gmail.com ( Cloud Services)
Microsoft Office 365 ( Cloud Services)
O365 ( Cloud Services)
Facebook.com ( Cloud Services)
Globalsign.com ( Certificate Authority)
Attached files
DNS-Token-Fingerprints.txt
The text was updated successfully, but these errors were encountered: