{"id":13586196,"url":"https://github.com/nmmapper/dnsdumpster","last_synced_at":"2025-04-07T14:33:57.742Z","repository":{"id":42925450,"uuid":"222412548","full_name":"nmmapper/dnsdumpster","owner":"nmmapper","description":"A tool to perform DNS reconnaissance on target networks. Among the DNS information got from include subdomains, mx records, web application firewall detection and more fingerprinting and lookups","archived":false,"fork":false,"pushed_at":"2023-02-14T13:01:38.000Z","size":154,"stargazers_count":229,"open_issues_count":2,"forks_count":37,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-02-14T21:24:25.099Z","etag":null,"topics":["detection","dns-fingerprinting","dns-reconnaissance","dnsdumpster","network","nmmapper","reconnaissance","scanner","scanners","subdomain","subdomain-finder","web-application-firewall"],"latest_commit_sha":null,"homepage":"https://www.nmmapper.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nmmapper.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-18T09:37:36.000Z","updated_at":"2024-08-01T16:32:17.745Z","dependencies_parsed_at":"2024-08-01T16:42:21.387Z","dependency_job_id":null,"html_url":"https://github.com/nmmapper/dnsdumpster","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmmapper%2Fdnsdumpster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmmapper%2Fdnsdumpster/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmmapper%2Fdnsdumpster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nmmapper%2Fdnsdumpster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nmmapper","download_url":"https://codeload.github.com/nmmapper/dnsdumpster/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223285158,"owners_count":17119847,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["detection","dns-fingerprinting","dns-reconnaissance","dnsdumpster","network","nmmapper","reconnaissance","scanner","scanners","subdomain","subdomain-finder","web-application-firewall"],"created_at":"2024-08-01T15:05:23.401Z","updated_at":"2025-04-07T14:33:57.734Z","avatar_url":"https://github.com/nmmapper.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# dnsdumpster\nA tool to perform DNS reconnaissance on target networks. The results include a variety of information that are useful for users performing network reconnaissance.\nSome of the information return include\n * [Host subdomains](https://www.nmmapper.com/sys/tools/subdomainfinder/)\n * Different dns informat(MX, A record)\n * Geo information\n * [Email](https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/)\n\n# Dependencies \n * requests\n * dnspython\n * simplejson\n * ip2geotools\n * ipwhois\n\n```sh\n$ pip3 install -r requirements.txt\n```\n\n# How to\n```sh\n$ python3 dnsdumpster.py -d nmmapper.com\n\nStarting dns dump against nmmapper.com\nSearching using engine Netcraft\nSearching using engine Virustotal\nSearching using engine ThreatCrowd\nSearching using engine SSL Certificates\n[\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"173.212.192.0/19\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"2009-10-26\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"173.212.208.249\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"www.nmmapper.com\",\n \"subdomain_ip\": \"173.212.208.249\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"207.180.222.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1996-08-21\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"207.180.222.55\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"analytics.nmmapper.com\",\n \"subdomain_ip\": \"207.180.222.55\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"173.212.192.0/19\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"2009-10-26\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"173.212.208.249\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"celery.nmmapper.com\",\n \"subdomain_ip\": \"173.212.208.249\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"clk.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"d1.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"173.212.192.0/19\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"2009-10-26\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"173.212.208.249\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"goaccess.nmmapper.com\",\n \"subdomain_ip\": \"173.212.208.249\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"mail.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"p0-cdn.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"p352931.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"p352931-cdn.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": {\n \"asn\": \"51167\",\n \"asn_cidr\": \"167.86.88.0/23\",\n \"asn_country_code\": \"DE\",\n \"asn_date\": \"1993-05-14\",\n \"asn_description\": \"CONTABO, DE\",\n \"asn_registry\": \"ripencc\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Munich (Ramersdorf-Perlach)\",\n \"country\": \"DE\",\n \"ip_address\": \"167.86.88.139\",\n \"latitude\": null,\n \"longitude\": null,\n \"region\": \"Bavaria\"\n },\n \"subdomain\": \"upstream.nmmapper.com\",\n \"subdomain_ip\": \"167.86.88.139\"\n },\n {\n \"asn\": null,\n \"domain\": \"nmmapper.com\",\n \"geo\": null,\n \"subdomain\": \"webook.nmmapper.com\",\n \"subdomain_ip\": \"\"\n },\n {\n \"asn\": {\n \"asn\": \"15169\",\n \"asn_cidr\": \"34.64.0.0/14\",\n \"asn_country_code\": \"US\",\n \"asn_date\": \"2018-09-28\",\n \"asn_description\": \"GOOGLE - Google LLC, US\",\n \"asn_registry\": \"arin\"\n },\n \"domain\": \"nmmapper.com\",\n \"geo\": {\n \"city\": \"Ashburn\",\n \"country\": \"US\",\n \"ip_address\": \"34.67.67.41\",\n \"latitude\": 39.0437192,\n \"longitude\": -77.4874899,\n \"region\": \"Virginia\"\n },\n \"subdomain\": \"wss.nmmapper.com\",\n \"subdomain_ip\": \"34.67.67.41\"\n },\n {\n \"asn\": null,\n \"domain\": \"nmmapper.com\",\n \"geo\": null,\n \"subdomain\": \"wss1.nmmapper.com\",\n \"subdomain_ip\": \"\"\n }\n]\n```\n\nThere is support for web application firewall detection. When all subdomains have been enumerated we detect if each of the subdomain is behind a web application firewall. To detect web application firewalls we use [WAFW00F](https://github.com/EnableSecurity/wafw00f) by [Enable Security](http://enablesecurity.com/)\n```py\nfrom wafw00f.main import WafW00F\ndetector = WafW00F(host)\nwaf = detector.identwaf()\nif(waf):\n return waf[0]\nelse:\n return \"\"\n```\n```sh\n{\n \"asn\": {\n \"asn\": \"13335\",\n \"asn_cidr\": \"104.27.160.0/20\",\n \"asn_country_code\": \"US\",\n \"asn_date\": \"2014-03-28\",\n \"asn_description\": \"CLOUDFLARENET - Cloudflare, Inc., US\",\n \"asn_registry\": \"arin\"\n },\n \"geo\": {\n \"city\": \"Ashburn\",\n \"country\": \"US\",\n \"ip_address\": \"104.27.171.116\",\n \"latitude\": 39.0437192,\n \"longitude\": -77.4874899,\n \"region\": \"Virginia\"\n },\n \"server\": \"cloudflare\",\n \"subdomain\": \"mail.mp3hunter.net\",\n \"subdomain_ip\": \"104.27.171.116\",\n \"waf\": \"Cloudflare (Cloudflare Inc.)\"\n },\n\n```\nWeb server detection, the tool also supports web server detection on both the main domain and the subdomains that have been enumerated. Here is a piece of code that does the detection\n```py\ndef get_server_type(host):\n \"\"\"\n :param host: the server we want to get it's server\n @return str\n \"\"\"\n try:\n ua = get_user_agent()\n headers = {\n 'User-Agent': ua,\n 'From': 'info@nmmapper.com' \n }\n res = requests.get(add_protocol(host), headers=headers)\n if(res.headers):\n return res.headers.get(\"Server\")\n else:\n return \"\"\n \n except Exception as e:\n return \"\"\n```\n\n## Stargazers over time\n[![Stargazers over time](https://starchart.cc/nmmapper/dnsdumpster.svg?variant=adaptive)](https://starchart.cc/nmmapper/dnsdumpster)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnmmapper%2Fdnsdumpster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnmmapper%2Fdnsdumpster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnmmapper%2Fdnsdumpster/lists"}