DNS
How DNS Works is great. dnsx is great tool.
Notes
dig +noall +answer DOMAIN
will get just the DNS info you want.- Can get your IP using DNS instead of HTTP:
dig +short -4 A myip.opendns.com @resolver1.opendns.com
. For IPv6:dig +short -6 AAAA myip.opendns.com @resolver1.ipv6-sandbox.opendns.com
- The fact that half of Silicon Valley is working hard on "web3" crypto scams while DNS - literally the backbone of almost every Internet query remains insecure, unverified with records taking days to update via TTL is probably the most absurd thing in modern tech.
Links
- How DNS works - Fun and colorful explanation of how DNS works.
- Quad9
- Pi-hole - Can be used as DNS server. (Lobsters)
- Tenta DNS - Recursive and authoritative DNS server in go, including DNSSEC and DNS-over-TLS.
- Trust-DNS - Rust based DNS client, server, and resolver.
- AdGuardHome - Network-wide ads & trackers blocking DNS server.
- PowerDNS - Sources for the PowerDNS Recursor, the PowerDNS Authoritative Server, and dnsdist (a powerful DNS loadbalancer). (Go API)
- Hello, and welcome to DNS! - Attempts to provide a correct introduction to the Domain Name System as of 2018.
- A Cat Explains DNS (2017)
- octoDNS - Tools for managing DNS across multiple providers.
- Gobuster - Directory/File, DNS and VHost busting tool written in Go.
- CoreDNS - DNS server that chains plugins. (Web)
- How we optimized our DNS server using go tools (2020)
- A warm welcome to DNS - Attempts to provide a correct introduction to the Domain Name System as of 2018.
- Public Zone Database (ZoneDB) - Contains a list and associated metadata of public DNS zones.
- ExternalDNS - Synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
- dnslookup - Simple command line utility to make DNS lookups to the specified server.
- Nslookup.io - Find DNS records. (Article) (HN)
- c-ares - C library for asynchronous DNS requests.
- DNS over Wikipedia - Redirect
.idk
domains using the official link found on a topic's Wikipedia page. (HN) (HN) (HN) - dns-proxy-server - Solve your DNS hosts from your docker containers, then from your local configuration, then from internet.
- NextDNS - Block ads, trackers and malicious websites on all your devices. (Article) (HN) (Metadata)
- NextDNS CLI Client (DoH Proxy)
- grimd - Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers.
- Stubby - Application that acts as a local DNS Privacy stub resolver (using DNS-over-TLS).
- The case of the missing DNS packets: a Google Cloud support story (2020) (HN)
- DNS Proxy - Simple DNS proxy with DoH, DoT, and DNSCrypt support.
- Building a DNS server in Rust (HN)
- DNS-over-HTTPS - High performance DNS over HTTPS client & server.
- Beyond DNS over HTTPS: Trustless DNS Privacy (2020) (Lobsters)
- Where is the DNS Headed? (2020)
- What happens when you update your DNS? (2020) (HN)
- An interview with Paul Mockapetris, the creator of the DNS (2020) (HN)
- DNS Push Notifications (HN)
- DNS questions
- Under the Hood of a Simple DNS Server (2020)
- Understanding DNS—anatomy of a BIND zone file (2020)
- DNSLink - Simple protocol to link content and services directly from DNS.
- DNS flag day (Code)
- Secondary DNS – Deep Dive (2020)
- DNSimple - Secure & Simple DNS Hosting.
- Speeding up HTTPS and HTTP/3 negotiation with... DNS (2020) (Tweet)
- DNS Flag Day 2020
- Unbound - Validating, recursive, and caching DNS resolver. (Web)
- namebench - Open-source DNS Benchmark Utility.
- Yet Another Kubernetes DNS Latency Story (2020)
- Oblivious DoH Library
- Which DNS servers are you pointing to? (HN) (Code)
- Resolve.rs - Troubleshooting website for network and DNS issues. (Code)
- DNS Trends (2020)
- Dynroute53 - Dynamic DNS updater for AWS Route53. Like DDNS for AWS managed domains.
- Handshake - Experimental peer-to-peer root naming system. (Code (HN)
- What Does It Take To Resolve A Hostname (2020)
- dog - Command-line DNS client. (Web) (HN)
- Sad DNS - Revival of the classic DNS cache poisoning attack.
- SAD DNS Explained (2020)
- DNS Resolution: Optimization Tools and Opportunities (2020)
- Improving DNS Privacy with Oblivious DoH (2020) (HN)
- odoh-go - Oblivious DoH library in Go.
- odoh-server-go - Oblivious DoH server in Go.
- DNSTools - Perform DNS lookups, pings, traceroutes, and other utilities, from 24 locations around the world. (Code)
- DIY Dynamic DNS Using Netlify API (2020)
- dcompass - High-performance DNS server with rule matching/DoT/DoH functionality built-in.
- doggo - Command-line DNS Client for Humans. Written in Go. (Lobsters)
- Update your DNS records when abandoning servers (2021)
- nonymous + bore(1): DNS toys for Rust (2021)
- DNS Key Value Storage (HN)
- DNS-LG - REST API allowing to perform DNS queries over HTTP from multiple locations worldwide. (CLI)
- A Name Resolver for the Distributed Web (2021)
- Dns.Watch - Public DNS Servers. (HN)
- ZeroConf - MDNS / DNS-SD Service Discovery in pure Go.
- KadNode - P2P DNS with content key, crypto key and PKI support. DynDNS alternative.
- Container to update DNS records periodically with WebUI for many DNS providers
- Docker DNS server on steroids to access DNS-over-TLS
- DNS over TLS - Thoughts and Implementation (2018)
- DNSCrypt - Protocol that encrypts, authenticates and optionally anonymizes communications between a DNS client and a DNS resolver. (GitHub)
- dnscrypt-proxy - Flexible DNS proxy, with support for encrypted DNS protocols.
- Why updating DNS is slow (HN)
- Please do not put IP addresses into DNS MX records (2021) (HN) (Lobsters)
- Cloudflare DDNS - Access your home network remotely via a custom domain name without a static IP.
- DNS lookup tool (Code) (Article)
- dnc (Domain Name Checker) - CLI tool to check domain names configuration.
- ZDNS - Fast CLI DNS Lookup Tool.
- go-doh-client - Go client library implementation of DNS over HTTPS.
- RouteDNS - DNS stub resolver, proxy and router with support for DoT, DoH, DoQ, and DTLS.
- Stop using low DNS TTLs (2019) (HN)
- dnspeep - Lets you spy on the DNS queries your computer is making.
- hyper-dns - DNS lookup for dat/hyper archives.
- The Sisyphean Task Of DNS Client Config on Linux (2021) (HN) (Lobsters)
- We Built Our Own DNS Infrastructure (2021)
- DNS Violations - List of DNS violations by implementations, software and/or systems.
- dnspython - Powerful DNS toolkit for python.
- inadyn - Dynamic DNS client with SSL/TLS support. (Web)
- Anubis - Subdomain enumeration and information gathering tool.
- ddclient - Perl client used to update dynamic DNS entries for accounts on many dynamic DNS services.
- dnsharper - Small DNS server to lookup local network IPs by their MAC addresses.
- DNS Based Discovery (2020)
- Anatomy of a Linux DNS Lookup (HN)
- MaraDNS - Small open-source DNS server. (Web)
- odoh-client-rs - Oblivious DoH client application written in Rust.
- HN: DNS-powered website with no back end (2021)
- DNS Explained in 100 Seconds
- meshname - Universal naming system for all IPv6-based mesh networks, including CJDNS and Yggdrasil.
- dn42 - Big dynamic VPN.
- Bulldohzer - Performance measurement tool for DNS. It supports DNS-over-HTTPS (DoH) and DNS-over-UDP (Do53).
- (All) DNS Resource Records (2021) (HN) (Tweet)
- DNS Privacy Considerations (HN)
- HTML over DNS: Serving Blog Content over DNS (HN)
- nailgun - DNS performance testing client written in Rust.
- DNSTake - Fast tool to check missing hosted DNS zones that can lead to subdomain takeover.
- Cloudflare Dynamic DNS IP Updater - Script used to update dynamic DNS entries for accounts on Cloudflare.
- Faster Top Level Domain Name Extraction with Rust (2021)
- Decentralizing the Internet's Root (2021) (HN)
- DNS Record Types (HN)
- localtls - DNS server for providing TLS to webservices on local addresses.
- dnsjit - Engine for capturing, parsing and replaying DNS.
- Knot Resolver - Caching full resolver implementation written in C and LuaJIT, both a resolver library and a daemon. (Web)
- DNS-OARC - DNS Operations, Analysis and Research Center. (GitHub)
- dnsfs - Store your data in others DNS resolvers cache.
- Facebook-owned sites are down due to DNS (Tweet) (Tweet) (Tweet) (Tweet) (Tweet) (HN) (HN) (HN) (Reddit) (HN) (Reddit)
- Understanding How Facebook Disappeared from the Internet (2021) (HN)
- Why was Facebook down for five hours? (2021) (Lobsters)
- Running BGP in Data Centers at Scale (2021)
- What is BGP? | BGP routing explained (HN)
- Tools to explore BGP (HN)
- Simple, fast DNS-over-TLS forwarding server - Forwards to an user-specified list of upstream DNS-over-TLS servers in parallel, returning and caching the first result received.
- A short overview of DNS (2021) (Lobsters)
- SubBrute - DNS meta-query spider that enumerates DNS records, and subdomains.
- DNS-client - Implementation of a DNS-client using a socket library.
- Reserved Top Level DNS Names
- Fixing reachability to 1.1.1.1, Globally (2018)
- Bob Wallet - Desktop application for DNS management and name auctions on Handshake. (Code)
- shakedex - Decentralized exchange for Handshake names.
- LLMNR, Multicast DNS and names on your LAN (2021)
- Google Public DNS
- dnstrace - DNS resolution tracing tool.
- Lepus - Subdomain finder.
- Hunting Newly Registered Domains
- q - Tiny command line DNS client with support for UDP, DoT, DoH, DoQ, and ODoH. (HN)
- PacketFrame - Open Source CDN for authoritative DNS and HTTP caching. (Web)
- How do you tell if a problem is caused by DNS? (2021) (Lobsters)
- DNS Comparison - Enter a domain to compare it on different DNS providers. (Code)
- nip.io - Wildcard DNS for any IP Address. (Code)
- sslip.io - Go-based DNS server which maps DNS records with embedded IP addresses to those addresses. (Code)
- DNSControl - Opinionated platform for seamlessly managing your DNS configuration across any number of DNS hosts, both in the cloud or in your own infrastructure. (Code)
- Minica - Small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
- LDNS - DNS library that facilitates DNS tool programming. (Web)
- Go-Wild-DNS - Micro DNS-server that implements wildcard-ip DNS magic functionality.
- The case of the recursive resolvers: What happened during Slack’s DNSSEC rollout (2021) (HN)
- It is always the DNS (2021) (HN)
- domain - DNS library for Rust.
- NLnet Labs - Serving the Internet community since 1999 with core infrastructure tools for DNS and BGP. (GitHub)
- How to use Dig (2021) (HN)
- DNS doesn't "propagate" (2021)
- Learning DNS by modeling it with ALloy
- DNS Test Suite - Erlang app for testing authoritative DNS servers for compliance.
- Mess with DNS (2021) (Code) (HN)
- knary - Simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark & Pushover support.
- dns-packet - Abstract-encoding compliant module for encoding / decoding DNS packets.
- ocaml-dns - OCaml implementation of the DNS protocol.
- Cloudflare Dynamic DNS - Updates a given a DNS record with your current IP.
- dns2 - DNS Server and Client Implementation in Pure JavaScript with no dependencies.
- Overture - Customized DNS relay server.
- dns-exfil - Run a DNS server for the purpose of logging DNS questions.
- Why might you run your own DNS server? (2022)
- iodine - Tunnel IPv4 data through a DNS server. (Web)
- encrypted-dns-configs - Configuration profiles for DNS over HTTPS and DNS over TLS.
- How to find a domain's authoritative nameservers (2022) (HN)
- Cloudflare DDNS - Small and fast DDNS updater for Cloudflare.
- Alternative DNS Roots (HN)
- DNS Collector - High speed passive DNS collector with dnstap support, dns traffic sniffer and more.
- Lexicon - Manipulate DNS records on various DNS providers in a standardized/agnostic way.
- Some ways DNS can break (2022) (HN)
- Noisy - Simple random DNS, HTTP/S internet traffic noise generator.
- DNS resolver in 80 lines of Go (2022) (HN)
- devdns - Automagic Docker DNS for local development.
- DNS lookup cache for Go
- Caching DNS Resolver - Cache DNS A and AAAA record resolutions.
- rustdns - Simple, fast, and fully fledged DNS library for interacting with domain name services at a high or low level.
- Some things about getaddrinfo that surprised me (2022)
- DNSRecon - DNS Enumeration Script.
- mdns - Multicast DNS client in Rust.
- Ask HN: Neutral DNS servers? (2022)
- Bunny DNS - Scriptable DNS platform. (HN)
- Haskell DNS - Highly concurrent DNS library purely in Haskell.
- DNS Transport over TCP - Operational Requirements
- How to Detect DNS Tunneling in the Network? (2021) (Reddit)
- certutils - Wildcard certificates tools: Obtain certbot's (Let's Encrypt) wildcard certificates by updating DNS TXT records and answering stupid certbot questions for you.
- DNS Leak Test - Shows DNS leaks and your external IP. If you use the same ASN for DNS and connection - you have no leak. (Code)
- Encrypted DNS Server - Easy to install, high-performance, zero maintenance proxy to run an encrypted DNS server.
- ZeroNS - DNS server for ZeroTier users.
- crt.sh - Certificate Search.
- cli53 - Command line tool for Amazon Route 53.
- What I learned from making a DNS client in Rust (HN) (Reddit)
- Dingo - Command-line DNS client using bitvec, nom and RFC 1035.
- Dynamic DNS with Docker, Go and Bind9
- Erlang DNS Server - Serve DNS authoritative responses with Erlang.
- libdns - Universal DNS provider APIs for Go.
- How DNS Works
- dness - Dynamic DNS client.
- dnsx - Fast and multi-purpose DNS toolkit allow to run multiple DNS queries.
- Wildcard proxy for everyone (2022)
- HAnoProxY - DNS server offering proxyless high availability and load balancing for applications.
- KittenDNS - Easy to setup, rule engine, LetsEncrypt compatible. (HN)
- Tsein DNS - Robust and high performance DNS resolver supporting multiple DNS protocols.
- Dename - DNS Server framework for Deno.
- ratelimit - CoreDNS plugin that enables response rate limiting to mitigate DNS attacks.
- DNS Toys - DNS server that offers useful utilities and services over the DNS protocol. (Code) (Lobsters) (HN)
- GoDNS - Dynamic DNS (DDNS) client tool.
- aardvark-dns - Authoritative DNS server for A/AAAA container records. Forwards other request to host's /etc/resolv.conf.
- Pion mDNS - Go implementation of mDNS.
- Wordle over DNS
- Resolvers - Most exhaustive list of reliable DNS resolvers.
- Ferret: Automatically finding RFC compliance bugs in DNS nameservers (2022)
- tolower() in bulk at speed (2022)
- A DNS name compression algorithm (2022)
- cacheable-lookup - Cacheable dns.lookup(…) that respects TTL.
- Apple NextDNS Configuration Profile
- DNS Esoterica – Why you can’t dig Switzerland (2022) (HN)
- doh-proxy - Fast, mature, secure DoH and ODoH server proxy written in Rust.
- PyDomainExtractor - Blazingly fast domain extraction library written in Rust.
- Serverless DNS - Self-Hosted DNS Resolver at the Edge. (HN)
- Building a Recursive DNS Resolver (2022) (HN)
- dnsv2 - Alternative (more granular) approach to a DNS library.
- Fast DNS package for Go - Tuned for high performance. Zero memory allocations in almost paths. Up to 1M QPS on a single host.
- What happens if you point two CNAMEs at each other? Not much, really (2022)
- Cheap DNS providers
- Why do domain names sometimes end with a dot? (2022)
- Asynchronous DNS in Rust
- SpyCast - Cross platform mDNS enumeration tool.
- Writing a toy DNS Server in Rust using Trust DNS (2022)
- Can I Take Over DNS? - List of DNS providers and whether their zones are vulnerable to DNS takeover.
- Let's Encrypt Wildcard Certificates Made Easy with Agnos (2022)
- Why it's called "MagicDNS" instead of "Magic DNS" (2022)
- MagicDNS is Generally Available (2022) (HN)
- Automated learning of regexes for DNS discovery
- DNS privacy with speed? Evaluating DNS over QUIC and its impact on web performance (2022)
- DNS Response Size (2022)
- Making a DNS query in Ruby from scratch (2022) (HN)
- Stop using low DNS TTLs (2019) (HN)
- macOS DNS resolving change in Go 1.20 (2022)
- Zig-DNS - Experimental DNS library implemented in Zig.
- DNS over Ping
- Faster DNS name decompression (2022)
- Subdomain Sleuth - Scanner to identify dangling DNS records and subdomain takeovers.
- acme-dns - Simplified DNS server with a RESTful HTTP API to provide a simple way to automate ACME DNS challenges.
- Agnos - Obtain (wildcard) certificates from let's encrypt using dns-01 without the need for API access to your DNS provider.
- NSD - Authoritative DNS name server.
- ctrld - Highly configurable, multi-protocol DNS forwarding proxy.
- DNS LOC (2022)
- mdns-sd - Rust library for mDNS based Service Discovery.
- doh - DNS over HTTPs command-line client.
- Can I takeover XYZ? - List of services and how to claim (sub)domains with dangling DNS records.
- MassDNS - High-performance DNS stub resolver.
- resolved - Simple DNS server for home networks.
- FaF DNS Proxy - DNS-over-TLS (DoT) Proxy, Engineered for Speed.
- Building a CoreDNS plugin (2023)
- dns-detector - Tiny Node cli tool to resolve host IPs and find the fastest IP.
- Bizarre and Unusual Uses of DNS (2023) (HN)
- How Rust and Wasm power Cloudflare's 1.1.1.1 (2023)
- sniproxy - SNI proxy with embedded DNS server that supports blocking and forwarding rules.
- Learning DNS in 10 Years (2023) (HN)
- State of DNS Rebinding in 2023
- Implement DNS in a Weekend (2023) (HN)
- Meta's DNS Go libraries
- Globalping - Global network of probes to run network tests like ping, traceroute and DNS resolve.
- assetfinder - Find domains and subdomains potentially related to a given domain.
- netns-proxy - Automated configuration of network namespaces with tun2socks TUN-ified socks5 proxies as default gateways. Dnsproxy is run in each netns. Gost for proxy-chaining.
- Simple and secure DNS client crate for Rust
- Brute-forcing a macOS user’s real name from a browser using mDNS (2023)
- odoh-rs - Oblivious DoH library in Rust.
- Why is DNS still hard to learn? (2023) (HN)
- vodo - Primitive DNS server written in Rust.
- puredns - Fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
- mDNS Primer (2023)
- libmdns - mDNS Responder library for building discoverable LAN services in Rust.