Dnsbruter is a lightweight, fast, and smooth asynchronous DNS brute-forcing and fuzzing tool designed for penetration testers, ethical hackers, and anyone conducting active attack surface reconnaissance. This tool helps you discover subdomains and identify vulnerabilities in it.
- Improved Speed & Efficiency: Significantly faster and smoother DNS brute-forcing with lightweight resource usage.
- Memory & Resource Management: Optimized to handle large-scale DNS scans without consuming excessive system resources.
- Flexible Input: Supports both stdin and file-based domain lists for DNS brute-forcing.
- Concurrency Control: Rate limiting and concurrency management to ensure stable performance under heavy loads.
- JSON Output: Option to save scan results in a structured JSON format for easy integration with other tools.
Dnsbruter can be installed quickly using various methods, including pip, pipx, and Docker. Choose the method that best suits your environment.
Ensure you have pip installed with the latest version of Python:
pip install --break-system-packages git+https://github.com/RevoltSecurities/Dnsbruter.gitFor isolated Python environments, you can use pipx:
pipx install git+https://github.com/RevoltSecurities/Dnsbruter.gitFor Docker-based environments, build the Docker image using:
git clone https://github.com/RevoltSecurities/Dnsbruter.git && cd Dnsbruter
sudo docker build -t dnsbruter .Docker Usage:
sudo docker run --rm -it -v /path/to/wordlist.txt:/opt/wordlist.txt -v $(pwd):/output dnsbruter -d google.com -w /opt/wordlist.txt --output /output/test.txtTo use Dnsbruter, execute the following command to display help options:
dnsbruter -hThis will show you the following available options:
dnsbruter -h
__ __ __
____/ / ____ _____ / /_ _____ __ __ / /_ ___ _____
/ __ / / __ \ / ___/ / __ \ / ___/ / / / / / __/ / _ \ / ___/
/ /_/ / / / / / (__ ) / /_/ / / / / /_/ / / /_ / __/ / /
\__,_/ /_/ /_/ /____/ /_.___/ /_/ \__,_/ \__/ \___/ /_/
- RevoltSecurities
[DESCRIPTION]: dnsbruter is a powerfull tool for asynchronous dns brutforcing and fuzzing with wildcard detection
[Usage]:
dnsbruter [options]
[OPTIONS]:
[INPUT]:
-d, --domain string : domain name for resolving subdomains.
-dL, --domain-list string : text file contains domain name for dns bruteforcing.
-w, --wordlist string : wordlist path for dnsbruter.
[CONFIG]:
-rl, --resolver string : filename contains list of resolvers (default: system config).
-v, --versbose command : increase the verbosity of output.
-wd, --wildcard-detect command : enable to detect wildcards for found domains.
-ov, --override command : enable to skip the domain verification and this is not applies to when used BRUT in domain.
[RATE-LIMIT]:
-c, --concurrency int : number of concurrency value for dns bruteforcing.
-wt, --wildcard-threds int : number of threads values for wildcard detections.
-rt, --rate-limit int : number of rate limits of DNS queries per second (default: 2000).
-wrt, --wildcard-ratelimit int : number of rate limits for wild card detection (default: 2000).
-dl, --delay int : specify a delay seconds between concurrent DNS quries (default: 1).
[UPDATES]:
-up, --updates command : updates the Dnsbruter for latest version (required: pip to be installed).
-dc, --disable-check command : disable updates check for dnsbruter.
[OUTPUT]:
-o, --output string : filename to save the scans outputs.
-ws, --wildcard-output string : filename to save the found wildcard domains.
-j, --json command : enables to display and save output in json format.
[DEBUG]:
-h, --help command : shows this help message and exits.
-s, --silent command : only shows essetial outputs and avoid other info.Dnsbruter is a powerful asynchronous DNS brute-forcing and fuzzing tool, built for penetration testers and security researchers. It allows you to brute-force valid subdomains and fuzz any portion of a domain name. The tool is highly concurrent and performs well even in resource-constrained environments like low-end VPSs.
Brute-force a single domain and check for valid subdomains using the -d flag.
Command Syntax:
dnsbruter -d <domain>Example:
dnsbruter -d google.comExplanation:
- Dnsbruter will attempt to resolve subdomains of
google.com. - It checks for valid subdomains and accounts for wildcard DNS records to ensure the results are accurate.
Fuzz a specific part of the domain by replacing it with the BRUT keyword.
Command Syntax:
dnsbruter -d <domain_with_BRUT>Example:
dnsbruter -d adminBRUT.google.comExplanation:
- The tool will replace the
BRUTkeyword with different values, such asadmin123,adminxyz, etc. - This method is used for fuzzing and discovering hidden subdomains or alternate domain configurations.
Use the -dL flag to read a list of domains from a file and attempt to brute-force subdomains or fuzz them.
Command Syntax:
dnsbruter -dL <file_with_domains>Example:
dnsbruter -dL domains.txtExplanation:
- Each line in the file should contain a single domain name.
- Dnsbruter will process each domain and attempt brute-force or fuzzing as specified.
You can also pass domains via stdin to integrate Dnsbruter into your scripts or tools.
Command Syntax:
echo "<domain>" | dnsbruter -d -Example:
echo "example.com" | dnsbruter -d -Explanation:
- This allows you to pipe domain names dynamically into Dnsbruter from other tools or scripts.
Dnsbruter is an open-source tool for security researchers and cybersecurity professionals involved in security assessments and information gathering. It is designed to assist in active DNS enumeration. We encourage contributions from the open-source community to improve Dnsbruter and keep it up-to-date. If you find this tool helpful, please show your support by giving ⭐ to the repository.