search

projectdiscovery / nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
https://docs.projectdiscovery.io/tools/nuclei
MIT License
20.88k stars 2.52k forks source link

[FEATURE] DNS TRACE #5581

Open pdelteil opened 3 months ago

pdelteil commented 3 months ago

Describe your feature request

To enhance the detection of DNS takeovers, it would be incredibly helpful to introduce a feature that allows running DNS TRACE requests directly within Nuclei templates.

Describe the use case of the feature

The feature would enable users to trigger a DNS TRACE request specifically after detecting a SERVFAIL status code. The primary use case is to identify which DNS manager is responsible for the error. By running a TRACE immediately following a SERVFAIL, users can follow the DNS query's path through various name servers to pinpoint where the failure occurs.

Important is to have a optional feature that will retrieve only the last step in the resolution process.

Describe alternatives you've considered

I have been using dnsx -rc servfail and then dnsx +trace, but the logic used in the json response from the trace flag is complex and hard to maintain.

Additional context

No response

GeorginaReeder commented 3 months ago

Thanks for this feature request @pdelteil , we'll take a look into it!