puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
It uses massdns, a powerful stub DNS resolver, to perform bulk lookups. With the proper bandwidth and a good list of public resolvers, it can resolve millions of queries in just a few minutes. Unfortunately, the results from massdns are only as good as the answers provided by the public resolvers. The results are often polluted by wrong DNS answers and false positives from wildcard subdomains.
puredns solves this with its wildcard detection algorithm. It can filter out wildcards based on the DNS answers obtained from a set of trusted resolvers. It also attempts to work around DNS poisoning by validating the answers obtained using those trusted resolvers.
Think this is useful? ⭐ Star us on GitHub — it helps!
Puredns requires massdns on the host machine. If the path to the massdns binary is present in the PATH environment variable, puredns will work out of the box. A good place to copy the massdns executable is /usr/local/bin on most systems. Otherwise, you will need to specify the path to the massdns binary file using the –bin command-line argument.
The following should work on most Debian based systems. Follow the official instructions for more information.
git clone https://github.com/blechschmidt/massdns.git
cd massdns
make
sudo make install
GO111MODULE=on go get github.com/d3mondev/puredns/v2
go install github.com/d3mondev/puredns/v2@latest
puredns [command]
Examples:
puredns resolve domains.txt
puredns bruteforce wordlist.txt domain.com --resolvers public.txt
cat domains.txt | puredns resolve
Available Commands:
bruteforce Bruteforce subdomains using a wordlist
resolve Resolve a list of domains
sponsors Show the active sponsors <3
Flags:
-q, --quiet quiet mode
-h, --help help for puredns
-v, --version version for puredns
Use "puredns [command] --help" for more information about a command.
$ cat dnslist
google.com
cloudflare.com
facebook.com
instagram.com
n0tarealdomain.com
$ ./puredns resolve dnslist
_
| |
_ __ _ _ _ __ ___ __| |_ __ ___
| '_ \| | | | '__/ _ \/ _` | '_ \/ __|
| |_) | |_| | | | __/ (_| | | | \__ \
| .__/ \__,_|_| \___|\__,_|_| |_|___/
| |
|_| puredns v2.0.1
Fast and accurate DNS resolving and bruteforcing
Crafted with <3 by @d3mondev
https://github.com/sponsors/d3mondev
------------------------------------------------------------
[+] Mode : resolve
[+] File : dnslist
[+] Resolvers : resolvers.txt
[+] Rate Limit : unlimited
[+] Rate Limit (Trusted) : 500 qps
[+] Wildcard Threads : 100
[+] Wildcard Tests : 3
------------------------------------------------------------
Resolving domains with public resolvers
[ETA 00:00:00] |██████████████████████████████████████| 5/5 rate: 5 qps (time: 00:00:00)
Detecting wildcard root subdomains
[ETA 00:00:00] |██████████████████████████████████████| 4/4 queries: 0 (time: 00:00:00)
Validating domains against trusted resolvers
[ETA 00:00:00] |██████████████████████████████████████| 4/4 rate: 4 qps (time: 00:00:00)
Found 4 valid domains:
google.com
instagram.com
facebook.com
cloudflare.com