Explanation

 

Click Here for a film explaining the process of the DNS

 

An oft-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 192.0.43.10 (IPv4) and 2001:500:88:200::10 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and e-mail addresses without having to know how the computer actually locates the services.The tools here are some of the most valuable OSINT tools you will use . Take time to get your head around DNS You will reap the rewards.

 

Here are a few tools to try out. As long as you dont ping or traceroute them at any time, it will be very difficult for the destination URL to see where they came from

Firstly, try The following are cmd entires on your computer. Try them to see what you get (safe)

 

Nslookup icann.org in cmd. This is basic search

Nslookup -q=mx icann.com in cmd this is mailservers

Nslookup -q=ns icann.com in cmd. This is nameserver

Nalookup -q=aaaa icann.com in cmd this is the ipv6

Nalookup -q=any icann.com in cmd this is all data

 

Heres a list of tools and pages that you may find useful

 

MyDNStools

 

DNS server maps ( europe)

 

DNS tools

 

Dns.robtex.com.

 

Whois icann.org

 

Whois.software.informer.com/download-whois-msdos/

 

Domaintools.com

 

Www.bfk.de/bfk_dnslogger.html

 

http//Code.google.com/p/passive-dns-query-tool/

 

www.Spamcop.net

 

Www.shadowserver.org

 

www.Sameip.org - who is also on the same IP

 

www.Zone-h.org - lists hacking sites and reports of website takeovers

 

Spamhaus - domain block list and ROKSO

 

Surbl - checks the integrity of a URL

 

Zeustracker

 

Team cymru

 

Alexa

 

Clean mx

 

Cbl

 

Virustotal

 

Anubis

 

Threatexpert

 

Urlquery.net - search any url including sub pages

 

Sitevet.com - Useful for ASN

 

Wepawet

 

Hostexploit.com

 

Senderscore.org - nx record data

 

Projecthoneypot.org - dir of malicious IP, drill down re co, ASN etc

 

www.paterva.com- maltego

 

 

© Trace Tools 2014. No unauthorised reproduction or use for training without express permission of Tracetools