DNS Protocol Att&CK

DNS Enumeration TTP - Tools, techniques & Procedures

DNS enumeration using dig command

We use the dig command on Kali Linux system to query the DNS servers and retrieve information about the target Host addresses, Name servers, Mail exchanges, etc

dig ns demo.testfire.net

The query above returns all of the DNS name servers for demo.testfire.net, our target domain.

Figure 1 shows the SOA DNS record found asia3.akam.net and hostmaster.akamai.com.

In the Domain Name System, a Start of Authority (SOA) record is a type of resource record that contains administrative information about the zone, particularly about zone transfers.