Loading...

DNS Zone Transfer 10 Credits

Attempt DNS Zone Transfer against the name servers of the target domain

Sample Report

|

Use Cases

|

Technical Details

Sample Report

Here is a DNS Zone Transfer sample report:

  • Includes all the name servers of target domain
  • Shows the full DNS Zone file if accessible

DNS Zone Transfer - Use Cases

Check if the name servers of the target domain are vulnerable to DNS Zone Transfer and attempt to retrieve the full DNS Zone file.

Technical Details


About

DNS servers should not permit zone transfers towards any IP address from the Internet.
Since zone files contain complete information about domain names, subdomains and IP addresses configured on the target name server, finding this information is useful for increasing your attack surface and for better understanding the internal structure of the target company (ex. find test servers, development servers, hidden domains, internal ip addresses, etc)

Information gathered from zone files can be useful for attackers to implement various attacks against the target company, like targeting test or development servers which are less secure.


Parameters

Parameter Description
Target domain name This is the base domain name for which you want to try zone transfer


How it works

The tool first discovers all the name servers associated with your target domain. Then, to each name server it sends a Zone Transfer (AXFR) DNS request and see if it is successful or not. In case of success, the full zone file will be displayed.