Zone Transfer
host -l guif.re ns1.guif.re
dnsrecon -d guif.re -t axfr
nmap guif.re --script=dns-zone-transfer -p 53
Windows DNS zone transfer
nslookup -> set type=any -> ls -d blah.com
Linux DNS zone transfer
dig axfr blah.com @ns1.blah.com
dig axfr domain-name-here.com @nameserver
ffuf -i -ic -w /opt/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u http://trick.htb -H "Host: preprod-FUZZ.trick.htb" -of csv -o subs
Last updated