DNSBin is a tool to test data exfiltration through DNS. It's helpful for testing out of band attacks when testers try to prove that they can execute commands on a targeted server by connecting to a public domain.
- Generate a random string like
iuhwqerojisdf234df - Perform a
ping,dig,nslookup, etc to the domainiuhwqerojisdf234df.test.dnsbin.net. Note that you have to replace the random string with your string. - DNSBin will receive your DNS query and you can check whether it is successful or not by requesting to
https://dnsbin.net/verify/test/iuhwqerojisdf234df. You get the status true if the command is executed successfully and get false for the failed command.
curl https://dnsbin.net/verify/test/iuhwqerojisdf234df
{"status": true}