A comprehensive DNS intelligence and security analysis tool for domain reconnaissance
Created by wh0xac
Features • Installation • Usage • Examples • Documentation
DNSint is a powerful, all-in-one DNS reconnaissance and OSINT tool designed for security professionals, penetration testers, and system administrators. It combines multiple DNS analysis techniques with OSINT data sources to provide comprehensive domain intelligence.
- ✅ Comprehensive - 10+ analysis modules in one tool
- ✅ Fast - Parallel queries and optimized performance
- ✅ Beautiful - Rich terminal UI with colored output
- ✅ Flexible - Modular design, use only what you need
- ✅ Export Ready - JSON and TXT reports for documentation
- ✅ Split-Brain DNS - Custom DNS server support
- ✅ Auto-Update - Stay current with latest features
- DNS Records Discovery - Query all major record types (A, AAAA, MX, TXT, NS, SOA, SRV, CAA, DNSKEY, DS, NAPTR)
- Reverse PTR Lookups - Discover reverse DNS mappings for all IPs
- Zone Transfer Testing - Attempt AXFR on discovered nameservers
- DNSSEC Validation - Check DNSKEY and DS records
- SPF Analysis - Parse SPF records, count lookups, detect issues
- DMARC Policy - Check DMARC configuration and policy strength
- DKIM Detection - Probe common DKIM selectors
- Misconfiguration Detection - Identify common DNS security issues
- Zone Transfer Vulnerabilities - Test all nameservers for AXFR leaks
- DNS Propagation - Check consistency across global resolvers
- Security Headers - Analyze HTTP security headers (CSP, HSTS, etc.)
- Nameserver Analysis - SOA serial checks, ASN lookups, geolocation
- Technology Detection - Identify web servers, CMS, frameworks, CDN, WAF
- Network Intelligence - ASN, organization, and country mapping
- Certificate Transparency - Discover subdomains from CT logs
- Passive DNS - Historical DNS data (when available)
- Related Domains - Find associated domains and wildcards
- Extended WHOIS - Registrar, registrant, dates, status
- Privacy Detection - Identify privacy protection services
- Expiration Tracking - Days until domain expiration with warnings
- Custom DNS Server - Query specific DNS resolvers (split-brain DNS support)
- Auto-Update - One-command updates via git
- Export Reports - Save results in JSON and TXT formats
- Quiet Mode - Minimal output for scripting
- Verbose Logging - Detailed debug information
- Python 3 or higher
# Clone the repository
git clone https://github.com/who0xac/DNSint.git
cd DNSint
# Install dependencies
pip install -r requirements.txt
# Run DNSint
python DNSint.py example.com -apython DNSint.py <domain> [options]Positional Arguments:
domain Target domain (e.g., example.com)
Module Selection:
-a, --all Run full DNS + OSINT + Technology scan (default)
-r, --records Query DNS record types
-z, --zone Perform reverse PTR & AXFR checks
-m, --mail Analyze SPF, DKIM, DMARC
-w, --whois Perform extended WHOIS lookup
-n, --nsinfo Analyze nameserver info & DNSSEC
-p, --propagation Check global DNS propagation
-s, --security Run DNS misconfiguration checks
-o, --osint Enrich with passive DNS & CT data
-t, --tech Detect web technologies, CMS, servers
Advanced Options:
--dns-server <ip> Custom DNS server to use (e.g., 8.8.8.8)
--timeout <seconds> Set DNS query timeout (default: 5)
-u, --update Update DNSint to the latest version
-e, --export Export JSON + TXT reports to Desktop
-v, --verbose Show detailed logs
-q, --quiet Minimal console output
# Complete analysis with all modules
python DNSint.py example.com -a# Check SPF, DMARC, and DKIM
python DNSint.py example.com -m# Run security checks and export report
python DNSint.py example.com -s -e# Use Google DNS
python DNSint.py example.com --dns-server 8.8.8.8
# Use internal DNS server
python DNSint.py internal.company.com --dns-server 192.168.1.53
# Use Cloudflare DNS
python DNSint.py example.com --dns-server 1.1.1.1# Certificate Transparency and passive DNS
python DNSint.py example.com -o# DNS records + WHOIS + email security
python DNSint.py example.com -r -w -m# Detect web stack and security headers
python DNSint.py example.com -t# Minimal output, export to files
python DNSint.py example.com -a -e -q# Update to latest version
python DNSint.py -u┌────────────┬──────────────────────────────┬──────────┬──────────────────────┐
│ Type │ Value │ TTL │ Extra │
├────────────┼──────────────────────────────┼──────────┼──────────────────────┤
│ A │ 93.184.216.34 │ 3600 │ │
│ MX │ mail.example.com. │ 3600 │ Priority: 10 │
│ TXT │ "v=spf1 include:_spf..." │ 3600 │ │
└────────────┴──────────────────────────────┴──────────┴──────────────────────┘
📧 Email Security Analysis
├── SPF (Sender Policy Framework)
│ ├── ✓ SPF Record Found
│ ├── Record: v=spf1 include:_spf.google.com ~all
│ └── DNS Lookups: 3 (limit: 10)
├── DMARC (Domain-based Message Authentication)
│ ├── ✓ DMARC Record Found
│ └── Policy: reject
└── DKIM (DomainKeys Identified Mail)
└── ✓ Found selectors: google, default
🔒 Security Audit Results
├── Critical Issues (0)
├── Warnings (2)
│ ├── ⚠ DNSSEC not enabled
│ └── ⚠ Wildcard certificate detected
└── Informational (3)
├── ℹ SPF record configured
├── ℹ DMARC policy set to quarantine
└── ℹ CAA records configured
Test how your domain resolves from different DNS servers:
# Internal DNS
python DNSint.py internal.company.com --dns-server 10.0.0.53
# External DNS (Google)
python DNSint.py company.com --dns-server 8.8.8.8
# Compare results
python DNSint.py company.com --dns-server 8.8.8.8 > external.txt
python DNSint.py company.com --dns-server 10.0.0.53 > internal.txt
diff external.txt internal.txt#!/bin/bash
# Monitor domain DNS changes
python DNSint.py example.com -a -e -q
# Reports saved to Desktop with timestamp# Check DNS before deployment
python DNSint.py staging.example.com -s --dns-server 10.0.0.53
if [ $? -eq 0 ]; then
echo "DNS checks passed"
else
echo "DNS issues detected"
exit 1
fiDNSint can export results in two formats:
{
"domain": "example.com",
"scan_timestamp": "2025-11-23T10:30:00",
"records": {
"A": [{"value": "93.184.216.34", "ttl": 3600}]
},
"whois": {
"registrar": "Example Registrar",
"creation_date": "1995-08-14"
}
}DNSint Report - example.com
Generated: 2025-11-23 10:30:00
==================================
DNS RECORDS:
A: 93.184.216.34 (TTL: 3600)
MX: mail.example.com (Priority: 10, TTL: 3600)
WHOIS:
Registrar: Example Registrar
Created: 1995-08-14
Files are saved to your Desktop with timestamp:
example.com_2025-11-23_103000.jsonexample.com_2025-11-23_103000.txt
Contributions, issues, and feature requests are welcome! Feel free to fork the repository and submit a pull request with your improvements.
DNSint is intended for educational and legal security testing purposes only.
- Only test domains you own or have explicit permission to test
- Unauthorized reconnaissance may be illegal in your jurisdiction
- The author is not responsible for any misuse of this tool
- Always follow responsible disclosure practices
- Respect rate limits and DNS server resources
Made with ❤️ by wh0xac