Skip to content
NEW: auto-exploit Apache Arbitrary File Read & gain RCE with SNIPER

DNS Zone Transfer Vulnerability Scanner

Attempt DNS Zone Transfer against the name servers of the target domain

Sample Report | Use Cases | Technical Details

Need to see the full results?

Unlock the full power and feature of our DNS Zone Transfer Vulnerability Scanner! Compare pricing plans and discover more tools and features.

Sample Report

Here is a DNS Zone Transfer Vulnerability Scanner sample report:

  • Includes all the name servers of target domain
  • Shows the full DNS Zone file if accessible

Download Sample Report

Sample report

DNS Zone Transfer Vulnerability Scanner - Use Cases

Check if the name servers of the target domain are vulnerable to DNS Zone Transfer and attempt to retrieve the full DNS Zone file.

Technical Details


DNS servers should not permit zone transfers towards any IP address from the Internet.
Since zone files contain complete information about domain names, subdomains, and IP addresses configured on the target name server, finding this information is useful for increasing your attack surface and for better understanding the internal structure of the target company (ex. find test servers, development servers, hidden domains, internal ip addresses, etc)

Information gathered from zone files can be useful for attackers to implement various attacks against the target company, like targeting test or development servers that are less secure.


Parameter Description
Target domain name This is the base domain name for which you want to try zone transfer

How it works

The tool first discovers all the name servers associated with your target domain. Then, to each name server, it sends a Zone Transfer (AXFR) DNS request and sees if it is successful or not. In case of success, the full zone file will be displayed.