DNS Zone Transfer
About this tool
DNS Zone Transfer allows you to discover if your target's name servers are vulnerable to DNS zone transfers.
DNS servers should not permit zone transfers towards any IP address from the Internet. Since zone files contain complete information about domain names, subdomains and IP addresses configured on the target name server, finding this information is useful for increasing your attack surface and for better understanding the internal structure of the target company (ex. find test servers, development servers, hidden domains, internal ip addresses, etc)
Information gathered from zone files can be useful for attackers to implement various attacks against the target company, like targeting test or development servers which are less secure.
- Target domain name: This is the base domain name for which you want to try zone transfer
How it works
The tool first discovers all name servers associated with your target domain. Then, to each name server it sends a zone transfer DNS request and see if it is successful or not. In case of success, the full zone file will be displayed.