The next tool I am going to look at is a really great Ruby script written by my friend Carlos (Dark operator) Perez. It's called Dnsrecon and is included in Backtrack 4. This is a simple tool written for target enumeration during authorized penetration test engagements. This tool provides different methods for enumerating targets via the DNS service.
Backtrack 4: Information Gathering: DNS: Dnsenum – Enumerate information on a domain and discover non-contiguous IP blocks
Dnsenum is a very robust script which was actually written by one of the Backtrack developers when Backtrack was still a Remote-Exploit Project. The author, Filip (barbsie) Waeytens, is a Web Application penetration tester and has extensive experience on the topic of DNS and information gathering. Today we will look at some examples of using Dnsenum to passively gather information on a target.
This is going to be the second of my articles on the DNS section of Backtrack 4. While it isn’t as exciting as popping a box with the newest 0-day, passive information gathering is one of the most crucial steps of a successful pentest. Today we are going to look at Dnstracer.
This is one of the first articles in our Backtrack tutorial series. Alex and I will be going through the entire distro of Backtrack 4 and writing a post on each tool. There is no one blog or web site which has a tutorial on each tool in Backtrack, so we are going to attempt to do that.
This is the first in a series of Backtrack 4 articles I will be writing regarding the tools available within Backtrack 4. I am fairly new to Backtrack, so please comment, teach me, ask questions, or whatever you prefer in the comments section below. I am going to try to go down the list of every single Backtrack 4 tool and write a complete description including instructions on how to use the tools. This first article is on 0trace (0trace.sh), which allows you to perform a traceroute from within an established TCP connection such as HTTP, which will be demonstrated below.