dnsdumpster.com - Domain Intelligence Reports

Information about dnsdumpster.com domain reporting

What are these dns intelligence reports

The most common use of dns intelligence reports derived from a domain name are to gather information about an organizations information technology infrastructure. This can reveal office locations, systems in use, partners, technology providers and contact details that can be useful to system administrators, investigators, security analysts, malware researchers, law enforcement and intelligence agencies.

The footprinting of a domain can reveal weak system points that can be attacked by pentesters, security analysts during an assessment or adversaries of an organization who may be conducting targeted attacks.

By making these sorts of reports easily available end users and corporations are able to quickly assess what public information is available on the internet regarding the organization so they can take steps to protect the assets.

Types of Information collected

Starting with a domain name, DNS is interrogated to begin the discovery of related hosts, common subdomains are searched as are nearby IP addresses. Once a list of subdomains are found each are resolved and then each IP address is searched using domain registration records.

IP addresses of discovered hosts are located using geolocation technology and the ISP or Organizational owner are discovered. The web server is fingerprinted by doing a single web request to the www host of the domain.

How intrusive is the intelligence collection

The only packets sent to target systems are DNS queries hitting the organization's dns servers (if they run dns themselves) and a single web page get of the main host on www. No other probes or information is transmitted to the organization's IT systems.

Our parent site http://www.hackertarget.com has more advanced security testing options that include vulnerability scanning, advanced domain profiling and manual security assessments.

A project of HackerTarget.com

HackerTarget.com started this project so that end users and businesses are able to quickly identify how much information is available regarding your organization just from a few simple queries and databases. This is the type of information that can be used in further security assessments or attacks against your oragnization so it is a very good idea to be aware of how easy it can be.

Automated security testing cannot replace a trainined security analyst, it does however provide an easy, fast and affordable way to get a quick overview of your security posture. Further testing can then be followed up or experts can be brought in depending on the situation and environment.