Active Directory Integrated DNS dump tool
By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enables enumeration and exporting of all DNS records in the zone for recon purposes of internal networks.
For more info, read the associated blog post.
Install and usage
You can either install the tool via pip with
pip install adidnsdump or install it from git to have the latest version:
git clone https://github.com/dirkjanm/adidnsdump cd adidnsdump pip install .
pip install git+https://github.com/dirkjanm/adidnsdump#egg=adidnsdump
The tool requires
dnspython to function. While the tool works with both Python 2 and 3, Python 3 support requires you to install impacket from GitHub.
Installation adds the
adidnsdump command to your
PATH. For help, try
The tool can be used both directly from the network and via an implant using proxychains. If using proxychains, make sure to specify the