Use Dnsdumpster.com To Passively Map An Organization's External Facing Assets
Using DNSdumpster to gather information about the organization.
Background:
If you need to map out an organisation's external facing assets, Dnsdumpster.com is a great resource. This website allows you to see all of the domains and IP addresses that are associated with a particular website. This can be really helpful in understanding how an organisation's online presence is structured.
To use Dnsdumpster.com, simply enter the website's URL into the search bar. The website will then show you all of the domains and IP addresses that are associated with that URL. You can also export the data to a CSV file for further analysis.
This website is a great way to passively map out an organisation's external assets.
Story:
During an ethical hacking engagement, I found an interesting open source tool called dnsdumpster. It allows you to easily lookup DNS records for a domain. I decided to use it to perform a reconnaissance on the target domain. I was able to find several DNS records that I was not expecting, including an email server and a web server. This information was very useful in furthering my analysis of the target domain.
Exercise:
Use shodan.io to passively map an organization's external facing assets.
Example:
Using dnsdumpster.com, I chose to look up the github.com domain.
Information Gathered:
Hosting Services:
Hosting services are online services that allow individuals and organizations to make their website or other online content available on the internet.
DNS Servers:
DNS servers that are responsible for translating human-readable domain names into IP addresses that are used by computers to locate and connect to a particular website or online service on the internet.
MX Records:
MX (Mail Exchanger) records are DNS records that specify the mail server responsible for accepting incoming email messages for a specific domain name.
TXT Records:
TXT (Text) records are DNS records that allow domain owners to add arbitrary text information to their DNS zone file. The text information can be used for a variety of purposes, including domain verification, sender policy framework (SPF) configuration, domain keys identified mail (DKIM) configuration, and other domain-related authentication and authorization purposes.
Host Records:
Host/A records are DNS records that map a hostname to its corresponding IP address. When a user types a hostname into their web browser, the browser sends a request to a DNS server, which looks up the IP address associated with that hostname in its records.
Domain Map:
A domain map is a visual representation of the domain names and IP addresses associated with a network or a group of websites.
Last updated
