dig

The dig (Domain Information Groper) command is a more advanced tool for querying DNS servers, allowing for additional functionality beyond nslookup. It is commonly used for detailed DNS lookups.

dig DOMAIN_NAME #Forward Lookup
dig -x DOMAIN_NAME #Reverse Lookup

#General Command
dig @SERVER DOMAIN_NAME TYPE

SERVER: The DNS server you want to query (optional).
DOMAIN_NAME: The domain name you want to look up.
TYPE: Specifies the type of DNS record you're querying (e.g., MX for mail exchange records, A for IPv4 addresses, AAAA for IPv6).

# This command queries Google’s DNS server (8.8.8.8) for the MX records of example.com, which indicates the mail servers responsible for handling email for the domain.

dig @8.8.8.8 example.com MX

Banner Grabbing

version.bind. CHAOS TXT which will work on most BIND nameservers

dig version.bind CHAOS TXT @DNS

Any Record

The record ANY will ask the DNS server to return all the available entries that it is willing to disclose.

dig any zonetransfer.me @<DNS_IP>

Previousnslookup NextWAF

Last updated 12 months ago