Home Pentest-Tools.com Logo
Infrastructure Testing

DNS Zone Transfer

Attempt DNS Zone Transfer against the name servers of the target domain.

Reporting

Sample Report

Here is a DNS Zone Transfer sample report that gives you a taste of how our tools save you time and reduce repetitive manual work.

  • Includes all the name servers of target domain

  • Shows the full DNS Zone file if accessible

DNS Zone Transfer Report Sample

How to use the pentesting tool

Use Cases for DNS Zone Transfer

Check if the name servers of the target domain are vulnerable to DNS Zone Transfer and attempt to retrieve the full DNS Zone file.

    Better vulnerability discovery. Faster pentest reporting.

    Get instant access to custom vulnerability scanners and automation features that simplify the pentesting process and produce valuable results. The platform helps you cover all the stages of an engagement, from information gathering to website scanning, network scanning, exploitation and reporting.

    Pentest-Tools.com DNS Zone Transfer Sample Report

    DNS Zone Transfer

    Technical Details

    DNS servers shouldn't allow zone transfers towards any IP address from the Internet.

    Zone files contain complete information about domain names, subdomains, and IP addresses configured on the target name server. It is relevant to find this information because it helps increase your attack surface and better understand the internal structure of the target company (e.g., detect test servers, development servers, hidden domains, internal IP addresses, etc.)

    Information gathered from zone files can help attackers implement various attacks against the target company, like targeting test or development servers that are less secure.

    Parameters

    ParameterDescription
    Target domain nameThis is the base domain name for which you want to try zone transfer.

    How it works

    The tool starts by discovering all the name servers associated with your target domain. Then, to each name server, it sends a Zone Transfer (AXFR) DNS request and checks if it is successful or not. In case of success, the entire zone file is displayed.