Dnsmap

From HackOps
Jump to navigation Jump to search

dnsmap[edit | edit source]

dnsmap is an open-source C utility that performs fast **brute-force subdomain enumeration**. It resolves each candidate name against a chosen DNS resolver, stores live hosts, and outputs simple CSV or text reports. Unlike full-spectrum tools such as dnsenum, dnsmap focuses purely on word-list brute-forcing and wildcard detection.

Common Options[edit | edit source]

Enumeration[edit | edit source]

Option Description
[WORDLIST] Custom wordlist file (default: dnsmap.txt in tool directory)
-d [DOMAIN] Target domain (required)
-s [SERVER] Use specific DNS resolver (default: system resolver)
-c Check for wildcard DNS and filter false positives
-w [MS] Delay (milliseconds) between queries (throttle speed)

Output[edit | edit source]

Option Description
-o [FILE] Save results in CSV format
-v Verbose output showing every query
-q Quiet mode (show only found subdomains)

Examples[edit | edit source]

Basic Subdomain Brute-Force[edit | edit source]

dnsmap -d example.com

↑ Options

Use Custom DNS Resolver[edit | edit source]

dnsmap -d example.com -s 8.8.8.8

↑ Options

Detect and Filter Wildcard DNS[edit | edit source]

dnsmap -d example.com -c

↑ Options

Throttle Queries (200 ms Delay)[edit | edit source]

dnsmap -d example.com -w 200

↑ Options

Save Results to CSV[edit | edit source]

dnsmap -d example.com -o found.csv

↑ Options

Output Fields[edit | edit source]

  • Subdomain that successfully resolved
  • Resolved IP address (first A-record)
  • Optional CSV output: subdomain,ip

See Also[edit | edit source]

Retrieved from "https://hackops.wiki/index.php?title=Dnsmap&oldid=103"