Closed mansoorr123 closed 4 years ago
For your second issue, in my test results, -t A
option will output both A
record and NXDOMAIN + CNAME
results, the latter one can be recognized as subdomain takeover feature.
And for a big domains list, I got different result every time, maybe I have the same issue -s 1000
@mansoorr123 for #4, this is now supported by using the feature implemented in #72. You can use --ignore
multiple times to ignore all answers except A, AAAA and CNAME
The other problems you are having are probably because you're being too aggressive and either overloading the recursive resolver or the authoritative NS with the SOA for the domain(s) you are enumerating. You should try a smaller -s
value. You should also stick to public recursive resolvers that are intentionally open to the public and resourced adequately. Using random resolvers from lists across the Internet is likely to give you bad results
For your second issue.. and probably all of your issues... why are you using -o F
if you're going to consume the data programmatically? You should be using -o J
which outputs NDJSON. This is very, very easy to parse efficiently using any scripting language, including jq
which you can use on the command line to do very advanced and efficient processing of the output
@mansoorr123 for #4, this is now supported by using the feature implemented in #72. You can use
--ignore
multiple times to ignore all answers except A, AAAA and CNAMEThe other problems you are having are probably because you're being too aggressive and either overloading the recursive resolver or the authoritative NS with the SOA for the domain(s) you are enumerating. You should try a smaller
-s
value. You should also stick to public recursive resolvers that are intentionally open to the public and resourced adequately. Using random resolvers from lists across the Internet is likely to give you bad resultsFor your second issue.. and probably all of your issues... why are you using
-o F
if you're going to consume the data programmatically? You should be using-o J
which outputs NDJSON. This is very, very easy to parse efficiently using any scripting language, includingjq
which you can use on the command line to do very advanced and efficient processing of the output
Thanks for your comment. At the time of writing this issue NDJSON format contains very less fields (like STATUS of domain was absent). Now I have migrated to NDJSON format.
The -s
parameter should be chosen depending on your bandwidth and the number of used resolvers. I might reconsider changing the default value if I receive more feedback that a default value of 10,000 is too large.
Concerning the second issue, 8cb5723c6e4e620b4f70b3ffced1b64f5f5991ca now introduces a --filter
option which allows to only output packets matching a specific response code (i.e. it can be used to filter NXDOMAIN
responses).
The third issue might arise from the randomness used to select resolvers or from rate limits being enforced causing some resolvers not to reply anymore. It shouldn't have to do anything with the output format.
Greetings!! Thanks for this wonderful tool. I am facing following issues while using this tool: