Skip to main content

DNS Server Scanner

This tool is deprecated

This scanner is now included into our Network Vulnerability Scanner.

Scan using Network Vulnerability Scanner

Detect Zone Transfer and other vulnerabilities in DNS servers

Reporting

Sample DNS Server Scanner report

Here is a sample report from our DNS Server Scanner that gives you a taste of how our tools save you time and reduce repetitive manual work.

  • Includes all the name servers of target domain

  • Shows the full DNS Zone file if accessible

See sample report
DNS Server Scanner Report Sample

How to use the pentesting tool

Use Cases for DNS Server Scanner

Check if the name servers of the target domain are vulnerable to Zone Transfer and other vulnerabilities and attempt to retrieve the full DNS Zone file.

Better vulnerability discovery.Faster pentest reporting.

Get instant access to custom vulnerability scanners and automation features that simplify the pentesting process and produce valuable results. The platform helps you cover all the stages of an engagement, from information gathering to website scanning, network scanning, exploitation and reporting.

Create your account
Pentest-Tools.com DNS Server Scanner Sample Report

DNS Server Scanner

Technical details

DNS servers shouldn't allow zone transfers towards any IP address from the Internet.

Zone files contain complete information about domain names, subdomains, and IP addresses configured on the target name server. It is relevant to find this information because it helps increase your attack surface and better understand the internal structure of the target company (e.g., detect test servers, development servers, hidden domains, internal IP addresses, etc.)

Information gathered from zone files can help attackers implement various attacks against the target company, like targeting test or development servers that are less secure.

Parameters

ParameterDescription
Target domain nameThis is the base domain name for which you want to try zone transfer.

How it works

The tool starts by discovering all the name servers associated with your target domain. Then, to each name server, it sends a Zone Transfer (AXFR) DNS request and checks if it is successful or not. In case of success, the entire zone file is displayed.