Overview
Learn essential DNS reconnaissance techniques for penetration testing and security assessments in this conference talk from Hack3rcon 2012. Explore various enumeration methods including standard enumeration, zone transfers, reverse lookups, domain brute-forcing, cache snooping, NSEC zone walking, and SRV/PTR record leakage. Discover how to parse and import gathered data into Metasploit for further analysis. Gain insights from an experienced Director of Reverse Engineering as he covers the goals, caveats, and practical applications of DNS-based information gathering in cybersecurity.
Syllabus
Intro
About Me • Director of Reverse Engineering for security vendor
Disclaimer
What is Recon
Why DNS
Caveats of DNS
DNSRecon
Goals
Types of Enumeration
Standard Enumeration
Zone Transfer
Reverse Lookup
Domain Brute-force
Cache Snooping
NSEC Zone Walk
SRV RR Leakage
PTR RR Leakage
Parsing Data
Importing Data in to Metasploit