Artifact dnsmap_0.36-3_arm64

Metadata
deb_control_files:
- control
- md5sums
deb_fields:
  Architecture: arm64
  Depends: libc6 (>= 2.34)
  Description: |-
    DNS domain name brute forcing tool
     dnsmap scans a domain for common subdomains using a built-in or an external
     wordlist (if specified using -w option). The internal wordlist has around 1000
     words in English and Spanish as ns1, firewall servicios and smtp. So will be
     possible search for smtp.example.com inside example.com automatically. Results
     can be saved in CSV and human-readable format for further processing. dnsmap
     does NOT require root privileges to be run, and should NOT be run with such
     privileges for security reasons.
     .
     dnsmap was originally released back in 2006 and was inspired by the fictional
     story "The Thief No One Saw" by Paul Craig, which can be found in the book
     "Stealing the Network - How to 0wn the Box".
     .
     dnsmap is mainly meant to be used by pentesters during the information
     gathering/enumeration phase of infrastructure security assessments. During the
     enumeration stage, the security consultant would typically discover the target
     company's IP netblocks, domain names, phone numbers, etc.
     .
     Subdomain brute-forcing is another technique that should be used in the
     enumeration stage, as it's especially useful when other domain enumeration
     techniques such as zone transfers don't work (I rarely see zone transfers being
     publicly allowed these days by the way).
     .
     Fun things that can happen:
     .
       1) Finding interesting remote access servers
          (e.g.: https:://extranet.example.com).
       2) Finding badly configured and/or unpatched servers
          (e.g.: test.example.com).
       3) Finding new domain names which will allow you to map
          non-obvious/hard-to-find netblocks of your target organization
          (registry lookups - aka whois is your friend).
       4) Sometimes you find that some bruteforced subdomains resolve to internal IP
          addresses (RFC 1918). This is great as sometimes they are real up-to-date
          "A" records which means that it is possible to enumerate internal servers
          of a target organization from the Internet by only using standard DNS
          resolving (as opposed to zone transfers for instance).
       5) Discover embedded devices configured using Dynamic DNS services
          (e.g.: IP Cameras). This method is an alternative to finding devices via
          Google hacking techniques.
     .
     This package provides two possible commands: dnsmap and dnsmap-bulk.
     .
     This program is useful for pentesters, ethical hackers and forensics experts.
     It also can be used for security tests.
  Homepage: https://github.com/resurrecting-open-source-projects/dnsmap
  Installed-Size: '300'
  Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
  Package: dnsmap
  Priority: optional
  Section: net
  Version: 0.36-3
srcpkg_name: dnsmap
srcpkg_version: 0.36-3

File

dnsmap_0.36-3_arm64.deb
Binary file dnsmap_0.36-3_arm64.deb cannot be displayed. you can view it raw or download it instead.

Relations

Relation Direction Type Name
built-using Source package dnsmap_0.36-3

binary package System - - 6 months, 2 weeks ago 5 months, 2 weeks
BETA