Puredns is a high-performance subdomain bruteforcing and DNS resolution tool designed for security researchers and penetration testers. It leverages massdns for rapid query resolution and incorporates advanced algorithms to accurately filter out wildcard subdomains and mitigate DNS poisoning, providing cleaner, more reliable results.

How It Works

Puredns operates in three stages: mass resolution using public DNS resolvers via massdns, wildcard detection using a caching algorithm to minimize queries and validate against DNS answers, and final validation against a list of trusted resolvers to prevent DNS poisoning. This multi-stage approach ensures high accuracy and efficiency in identifying valid subdomains.

Quick Start & Requirements

• Installation: go install github.com/d3mondev/puredns/v2@latest
• Prerequisites: massdns binary must be installed and in the system's PATH or specified via --bin. Go (latest two major releases) is required for building. A list of public DNS resolvers (resolvers.txt) is necessary.
• Usage: puredns bruteforce <wordlist> <domain> or puredns resolve <domain_list.txt>.
• Resources: Refer to Trickest's resolvers list or public-dns.info for resolver lists.

Highlighted Details

• Resolves thousands of DNS queries per second.
• Accurately filters wildcard subdomains and detects wildcard roots.
• Validates results against trusted resolvers to circumvent DNS poisoning.
• Supports input from stdin and outputting clean results for automation pipelines.

Maintenance & Community

The project is actively maintained by d3mondev. Contributions are welcomed via issues for bugs and feature ideas; pull requests for trivial changes are not accepted.

Licensing & Compatibility

Licensed under GNU GPLv3. This license may impose copyleft restrictions on derivative works, potentially requiring them to also be open-sourced under GPLv3 if linked.

Limitations & Caveats

Wildcard detection can be challenging with heavy DNS load balancing, potentially requiring increased --wildcard-tests. Large input lists with many wildcards may cause out-of-memory errors, addressable by using --wildcard-batch. The tool does not automatically sanitize unrelated domains returned by some public resolvers.