Dig

From HackOps
Jump to navigation Jump to search

dig[edit | edit source]

dig (Domain Information Groper) is a powerful command-line DNS lookup tool used to query DNS name servers and retrieve resource records. It is commonly used in reconnaissance to resolve hostnames, enumerate DNS records, test custom name servers, and analyze DNS responses in detail.

Common Options[edit | edit source]

Basic Queries[edit | edit source]

Option Description
A Query IPv4 address record
AAAA Query IPv6 address record
MX Query mail exchange record
NS Query authoritative name servers
CNAME Query canonical name record (alias)
SOA Query start of authority record
TXT Query text records (commonly used for SPF, DKIM, etc.)

Query Control[edit | edit source]

Option Description
@[SERVER] Specify DNS server to query
+short Return simplified output (good for scripts)
+noall Suppress all sections of the output
+answer Show only the answer section
+timeout=[SEC] Set query timeout in seconds
+tries=[NUM] Set number of query attempts
+tcp Use TCP instead of UDP for the query
+nocomments Omit comments from output

Examples[edit | edit source]

Query A Record[edit | edit source]

# Query IPv4 address record
dig A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

Query AAAA Record[edit | edit source]

# Query IPv6 address record
dig AAAA example.com

# Output:
example.com.    300    IN    AAAA    2606:2800:220:1:248:1893:25c8:1946

↑ Options

Query MX Records[edit | edit source]

# Query mail exchange records
dig MX example.com

# Output:
example.com.    300    IN    MX    10 mail.example.com.

↑ Options

Query Name Servers[edit | edit source]

# Query authoritative name servers
dig NS example.com

# Output:
example.com.    300    IN    NS    b.iana-servers.net.
example.com.    300    IN    NS    a.iana-servers.net.

↑ Options

Query CNAME Record[edit | edit source]

# Query canonical name (alias) record
dig CNAME www.example.com

# Output:
www.example.com.    300    IN    CNAME    example.com.

↑ Options

Query SOA Record[edit | edit source]

# Query Start of Authority record
dig SOA example.com

# Output:
example.com.    300    IN    SOA    sns.dns.icann.org. noc.dns.icann.org. 2017042745 7200 3600 1209600 3600

↑ Options

Query TXT Records[edit | edit source]

# Query text records
dig TXT example.com

# Output:
example.com.    300    IN    TXT    "v=spf1 -all"

↑ Options

Use Specific DNS Server[edit | edit source]

# Query A record using Google's DNS server
dig @8.8.8.8 A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

Simplified Output[edit | edit source]

# Return only the IP address
dig +short A example.com

# Output:
93.184.216.34

↑ Options

Show Only Answer Section[edit | edit source]

# Suppress all sections except the answer
dig +noall +answer A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

Set Timeout[edit | edit source]

# Set DNS query timeout to 2 seconds
dig +timeout=2 A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

Set Number of Retries[edit | edit source]

# Limit query retries to 1 attempt
dig +tries=1 A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

Force TCP Query[edit | edit source]

# Force DNS query over TCP
dig +tcp A example.com

# Output:
example.com.    300    IN    A    93.184.216.34

↑ Options

See Also[edit | edit source]

Retrieved from "https://hackops.wiki/index.php?title=Dig&oldid=148"