Skip to content
/ DNSValidator Public

Filters a list of IPv4 DNS Servers by verifying them against baseline servers, and ensuring accurate responses.

License

GPL-3.0 license
8 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

frost19k/DNSValidator

BranchesTags

Repository files navigation

DNSValidator

License Python 3.10

Forked from https://github.com/vortexau/dnsvalidator.
This version is much less feature rich than the original. However, it doesn't look like the original is being maintained & there is a possibility that it will not return an output (see: vortexau/dnsvalidator#27)

Table of Contents:

  1. What does this do?
  2. How do I get it?
  3. How do I use it?
  4. You should know.

What does this do?

DNSValidator's approach is different to other DNS query validation tools. This tool performs multiple validation steps on each resolver:

  • Baselines non-geolocated domain names against "trusted" public DNS resolvers i.e. 1.1.1.1 (Cloudflare), 8.8.8.8 (Google), and 9.9.9.9 (Quad9)
    • For each resolver being tested DNS Validator ensures that each baseline domain name resolves to the same IP Address.
    • Servers that return an answer that differs from the baseline are immediately skipped
  • Performs DNS lookup of known commonly spoofed DNS addresses to ensure NXDOMAIN is returned when expected.
    • Resolvers that do not return NXDOMAIN for random subdomains of known bad target domains are immediately skipped.

How do I get it?

GitHub 

❯ git clone https://github.com/frost19k/DNSValidator.git ./dnsvalidator
❯ cd ./dnsvalidator
❯ pip3 install .

Docker

Pull from Docker Hub

❯ docker pull frost19k/dnsvalidator

Build it yourself

❯ git clone https://github.com/frost19k/DNSValidator.git ./dnsvalidator
❯ cd ./dnsvalidator
❯ docker buildx build -t dnsvalidator .

How do I use it?

CLI

Argument Description
-i, --input-file File containing Public DNS Servers (Default: public-dns.info)
-o, --output-file Output file name (Default: "./resolvers.txt")
-r, --root-domain Root domain to validate against (default: bet365.com)
-t, --threads Number of concurrent threads (Default: 2)
-v, --verbose Print additional error messages
-q, --quiet Do not print banner or error messages 
❯ dnsvalidator -i nameservers.txt -o myResolvers.txt -t 12

Docker 

❯ docker run -it --rm -v "${PWD}":"/output" frost19k/dnsvalidator -t 12

You should know

  • Only IPv4 DNS Resolvers are validated at the current time. IPv6 resolvers are skipped.

  • WARNING: Keep the thread count at a reasonable level and/or use a VPS/VPN appropriately. Pushing the thread count too high will give the impression that you are attempting to attack DNS servers, resulting in network level DNS blocks from your ISP.

About

Filters a list of IPv4 DNS Servers by verifying them against baseline servers, and ensuring accurate responses.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

8 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

3 tags

Packages

No packages published

Languages