Skip to main content

dnsx

dnsx is a versatile DNS toolkit designed for automated security workflows within the Canva platform. It effectively detects DNS information related to specified subdomains or IP addresses, making it a crucial component for reconnaissance tasks.

Ideal Use Cases & Fit

dnsx excels in scenarios involving domain enumeration, particularly when handling multiple subdomains or IP addresses. It is ideal for security assessments where rapid querying of DNS records such as A, AAAA, CNAME, and more is required. Its batch processing capability allows for efficient data collection, thus solving the problem of manually querying DNS records. However, it may not be appropriate for analysis tasks that require in-depth parsing of DNS responses beyond basic record types.

Value in Workflows

By integrating dnsx into security workflows, teams can automate the process of gathering DNS data, enhancing the efficiency of early reconnaissance activities. It serves as a foundational tool in workflows, allowing security professionals to build upon its outputs for deeper analysis or further automated tasks, thus accelerating incident response and vulnerability assessments.

Input Data

The tool expects an input file consisting of newline-separated subdomains. This file functions as the target list, which is mandatory for the operation of dnsx. An example input could contain:

subdomain.example.com
subdomain2.example.com

Configuration

  • silent: Control the silent operation mode, which suppresses output to the console.
  • json: Enable output in JSON Lines format for structured data representation.
  • a: Query A records, useful for retrieving IPv4 addresses.
  • aaaa: Optionally query AAAA records for IPv6 addresses.
  • cname: Query CNAME records to retrieve canonical names for DNS entries.
  • ns: Fetch authoritative nameserver (NS) records for domains.
  • txt: Retrieve text (TXT) records associated with given domains.
  • srv: Query SRV records, which provide information about services.
  • ptr: Fetch pointer (PTR) records for reverse DNS lookups.
  • mx: Obtain mail exchange (MX) records to identify mail servers.
  • retry: Set the number of retry attempts for DNS queries.
  • resolver: Specify custom DNS resolvers to utilize during queries.

This structured configuration ensures that workflow builders can easily tailor dnsx for their specific reconnaissance needs while leveraging default settings for efficiency.