{"id":18851607,"url":"https://github.com/eviltik/evildns","last_synced_at":"2025-04-14T09:52:50.802Z","repository":{"id":20301973,"uuid":"89393418","full_name":"eviltik/evildns","owner":"eviltik","description":"A (massive) DNS tools (reverse lookup for now)","archived":false,"fork":false,"pushed_at":"2022-07-06T18:58:41.000Z","size":62,"stargazers_count":11,"open_issues_count":4,"forks_count":2,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-27T23:11:38.052Z","etag":null,"topics":["dns","dnsresolver","nodejs","resolver","reverse-lookup"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eviltik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-04-25T18:26:28.000Z","updated_at":"2024-06-14T04:31:12.000Z","dependencies_parsed_at":"2022-08-07T09:16:01.352Z","dependency_job_id":null,"html_url":"https://github.com/eviltik/evildns","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eviltik%2Fevildns","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eviltik%2Fevildns/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eviltik%2Fevildns/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eviltik%2Fevildns/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eviltik","download_url":"https://codeload.github.com/eviltik/evildns/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248860065,"owners_count":21173339,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","dnsresolver","nodejs","resolver","reverse-lookup"],"created_at":"2024-11-08T03:35:24.738Z","updated_at":"2025-04-14T09:52:50.776Z","avatar_url":"https://github.com/eviltik.png","language":"JavaScript","readme":"# evildns\n\n\u003c!-- ![Node.js CI](https://github.com/eviltik/pinary/workflows/Node.js%20CI/badge.svg) --\u003e\n[![npm version](https://badge.fury.io/js/evildns.svg)](https://badge.fury.io/js/evildns)\n[![MIT Licence](https://badges.frapsoft.com/os/mit/mit.svg?v=103)](https://opensource.org/licenses/mit-license.php)\n[![Dependency Status](https://david-dm.org/eviltik/evildns.svg)](https://david-dm.org/eviltik/evildns)\n\nA (massive) DNS Reverse Lookup Tool\n-----------------------------------\n\n**How it works ?**\n\nEach CIDR lines found in a text file will create a \"worker\" for\nreverse lookup all IPs in given CIDR range. Workers will send\nresult to the master process each time an IP give his reverse lookup name,\nthen, the master process will update the \"tree\" result. A maximum of 5 resolvers\nare working in parallel (atm).\n\nIf you stop the process for many reasons and you start it again,\nit's supposed to pick up where it left off (use \"-r\" options to reset cache).\n\nThis tool does not required a database to store result. It use the filesystem to\nstore results, create a \"tree/\" directory.\n\n**Motivations**\n\nMy personal need was to create my own crawlers reputation database (IP/Reverse/UserAgent),\nbut you can use evildns for some other needs.\n\n\nWarning\n-------\n\nThis tool can be brought to send more than 3000 DNS Queries per second.\nYou can be blacklisted if the DNS Server is rate limited. Take care.\n\n\nInstallation\n------------\n```\n$ npm install -g evildns\n```\n\nUsage\n-----\n```\n$ evildns myCidrList.txt\n[■               ] 3% | ETA: 00:12:39 | 23274/680200\n```\n\nResult provide a tree, example 1:\n```\n* top level domain\n    * maindomain\n        * data.csv\n\ndata.csv content:\n    #ip | fqdn | lastupdate\n    1.2.3.4|subdomain1.maindomain.topdomain|1509348777393\n    1.2.3.5|subdomain1.maindomain.topdomain|1509348879073\n    1.2.3.6|subdomain1.maindomain.topdomain|1509349010384\n    1.2.3.7|subdomain1.maindomain.topdomain|1509349052749\n    1.2.3.8|subdomain1.maindomain.topdomain|1509349083896\n```\n\n\nTree created, example 2 (no limit regarding subdomain depth)\n```\n* top level domain\n    * maindomain\n        * subdomain(n)\n            * data.csv\n\ndata.csv content:\n    #ip | fqdn | lastupdate\n    1.2.3.4|sub1.subdomain.maindomain.topdomain|1509348777393\n    1.2.3.5|sub2.subdomain.maindomain.topdomain|1509348879073\n    1.2.3.6|sub3.subdomain.maindomain.topdomain|1509349010384\n    1.2.3.7|sub4.subdomain.maindomain.topdomain|1509349052749\n    1.2.3.8|sub5.subdomain.maindomain.topdomain|1509349083896\n```\n\n\nProgress indicator\n------------------\n\nWhen using \"-p\" option, we can see what is going on\n```\n--------------------------------------------------------------------------------\n209.185.108.128/25   [=================] 99% 125/126           49/s | 209.185.108.254\n66.249.64.0/19       [                 ]  0%\n72.14.192.0/18       [                 ]  0%\n208.46.199.160/29    [                 ]  0% 0/6                0/s | 208.46.199.166\n209.85.128.0/17      [                 ]  0%\n216.239.32.0/19      [                 ]  0% 57/8190           37/s | 216.239.35.233\n64.68.80.0/21        [=                ]  3% 75/2046           38/s | 64.68.83.233\n66.102.0.0/20        [                 ]  0% 2/4094             2/s | 66.102.3.233\n64.233.160.0/19      [                 ]  0% 43/8190           43/s | 64.233.163.233\n108.177.0.0/17       [                 ]  0% 8/32766            8/s | 108.177.3.233\n--------------------------------------------------------------------------------\noi-in-f17.1e100.net\noi-in-f18.1e100.net\nany-in-2025.1e100.net\noi-in-f19.1e100.net\nany-in-2026.1e100.net\nany-in-2027.1e100.net\noi-in-f23.1e100.net\nany-in-2028.1e100.net\nany-in-2029.1e100.net\noi-in-f26.1e100.net\nany-in-202b.1e100.net\noi-in-f27.1e100.net\nany-in-202c.1e100.net\nany-in-202d.1e100.net\noi-in-f28.1e100.net\noi-in-f31.1e100.net\nany-in-2033.1e100.net\nany-in-2035.1e100.net\nany-in-2036.1e100.net\noi-in-f114.1e100.net\n--------------------------------------------------------------------------------\n0% done since 00:00:03, remaining 01:02:36 (181 reverse per sec) (328/680200)\n```\n\nHelp\n-----\n```\n$ evildns ---help\n\n    Usage: evildns [options] \u003ccidrFile\u003e\n\n    Options:\n\n      -r, --rebuild-cache  Rebuild local cache\n      -p, --progress       Show progress\n      -v, --verbose        Verbose\n      -q, --quiet          Quiet\n      -h, --help           output usage information\n\n```\n\n\n\nComing next\n-----------\n* Tests\n* Be able to define DNS Servers ?\n* Command line option to set the number of workers (default 5)\n* IPv6 (need help on this)\n* with sockmq:\n    * make evildns distributed\n    * provide realtime results (sockmq =\u003e websocket =\u003e GUI)\n\n\nResources\n---------\n* https://udger.com\n* https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks\n* https://udger.com/resources/ua-list\n* http://viewdns.info/\n* http://exfiltrated.com/querystart.php\n* https://robtex.com/\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feviltik%2Fevildns","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feviltik%2Fevildns","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feviltik%2Fevildns/lists"}