@@ -16,11 +16,74 @@ import (
1616 "github.com/owasp-amass/resolve/pool"
1717 "github.com/owasp-amass/resolve/selectors"
1818 "github.com/owasp-amass/resolve/servers"
19+ "github.com/owasp-amass/resolve/types"
1920 "github.com/owasp-amass/resolve/utils"
2021 "github.com/owasp-amass/resolve/wildcards"
2122 "golang.org/x/net/publicsuffix"
2223)
2324
25+ type baseline struct {
26+ address string
27+ qps int
28+ }
29+
30+ // baselineResolvers is a list of trusted public DNS resolvers.
31+ var baselineResolvers = []baseline {
32+ {"8.8.8.8" , 5 }, // Google Primary
33+ {"8.8.4.4" , 5 }, // Google Secondary
34+ {"95.85.95.85" , 2 }, // Gcore DNS Primary
35+ {"2.56.220.2" , 2 }, // Gcore DNS Secondary
36+ {"76.76.2.0" , 2 }, // ControlD Primary
37+ {"76.76.10.0" , 2 }, // ControlD Secondary
38+ {"9.9.9.9" , 2 }, // Quad9 Primary
39+ {"149.112.112.112" , 2 }, // Quad9 Secondary
40+ {"208.67.222.222" , 2 }, // Cisco OpenDNS Home Primary
41+ {"208.67.220.220" , 2 }, // Cisco OpenDNS Home Secondary
42+ {"1.1.1.1" , 3 }, // Cloudflare Primary
43+ {"1.0.0.1" , 3 }, // Cloudflare Secondary
44+ {"185.228.168.9" , 1 }, // CleanBrowsing Primary
45+ {"185.228.169.9" , 1 }, // CleanBrowsing Secondary
46+ {"76.76.19.19" , 1 }, // Alternate DNS Primary
47+ {"76.223.122.150" , 1 }, // Alternate DNS Secondary
48+ {"94.140.14.14" , 1 }, // AdGuard DNS Primary
49+ {"94.140.15.15" , 1 }, // AdGuard DNS Secondary
50+ {"176.103.130.130" , 1 }, // AdGuard
51+ {"176.103.130.131" , 1 }, // AdGuard
52+ {"8.26.56.26" , 1 }, // Comodo Secure DNS Primary
53+ {"8.20.247.20" , 1 }, // Comodo Secure DNS Secondary
54+ {"205.171.3.65" , 1 }, // CenturyLink Level3 Primary
55+ {"205.171.2.65" , 1 }, // CenturyLink Level3 Secondary
56+ {"64.6.64.6" , 1 }, // Verisign DNS Primary
57+ {"64.6.65.6" , 1 }, // Verisign DNS Secondary
58+ {"209.244.0.3" , 1 }, // CenturyLink Level3
59+ {"209.244.0.4" , 1 }, // CenturyLink Level3
60+ {"149.112.121.10" , 1 }, // CIRA Canadian Shield Primary
61+ {"149.112.122.10" , 1 }, // CIRA Canadian Shield Secondary
62+ {"138.197.140.189" , 1 }, // OpenNIC Primary
63+ {"162.243.19.47" , 1 }, // OpenNIC Secondary
64+ {"216.87.84.211" , 1 }, // OpenNIC
65+ {"23.90.4.6" , 1 }, // OpenNIC
66+ {"216.146.35.35" , 1 }, // Oracle Dyn Primary
67+ {"216.146.36.36" , 1 }, // Oracle Dyn Secondary
68+ {"91.239.100.100" , 1 }, // UncensoredDNS Primary
69+ {"89.233.43.71" , 1 }, // UncensoredDNS Secondary
70+ {"77.88.8.8" , 1 }, // Yandex.DNS Primary
71+ {"77.88.8.1" , 1 }, // Yandex.DNS Secondary
72+ {"74.82.42.42" , 1 }, // Hurricane Electric Primary
73+ {"94.130.180.225" , 1 }, // DNS for Family Primary
74+ {"78.47.64.161" , 1 }, // DNS for Family Secondary
75+ {"80.80.80.80" , 1 }, // Freenom World Primary
76+ {"80.80.81.81" , 1 }, // Freenom World Secondary
77+ {"84.200.69.80" , 1 }, // DNS.WATCH Primary
78+ {"84.200.70.40" , 1 }, // DNS.WATCH Secondary
79+ {"156.154.70.5" , 1 }, // Neustar Primary
80+ {"156.157.71.5" , 1 }, // Neustar Secondary
81+ {"81.218.119.11" , 1 }, // GreenTeamDNS Primary
82+ {"209.88.198.133" , 1 }, // GreenTeamDNS Secondary
83+ {"37.235.1.177" , 1 }, // FreeDNS
84+ {"38.132.106.139" , 1 }, // CyberGhost
85+ }
86+
2487var trusted * pool.Pool
2588var detector * wildcards.Detector
2689
@@ -76,7 +139,12 @@ func trustedResolvers() *pool.Pool {
76139 wconns := conn .New (cpus , selectors .NewSingle (timeout , serv ))
77140 detector = wildcards .NewDetector (serv , wconns , nil )
78141 // the server pool
79- sel := selectors .NewAuthoritative (timeout , servers .NewNameserver )
142+ var servs []types.Nameserver
143+ for _ , r := range baselineResolvers {
144+ servs = append (servs , servers .NewNameserver (r .address ))
145+ }
146+ sel := selectors .NewRandom (timeout , servs ... )
147+ //sel := selectors.NewAuthoritative(timeout, servers.NewNameserver)
80148 conns := conn .New (cpus , sel )
81149 return pool .New (0 , sel , conns , nil )
82150}
0 commit comments