NSEC[3] Walking for DNSSEC
Go to file
2024-03-18 18:27:03 -04:00
.screens nwalk script for NSEC crawling complete, optimized to pipe in from the stdin, documentation updated 2024-03-18 18:27:03 -04:00
dnssec_stats nwalk script for NSEC crawling complete, optimized to pipe in from the stdin, documentation updated 2024-03-18 18:27:03 -04:00
extras nwalk script for NSEC crawling complete, optimized to pipe in from the stdin, documentation updated 2024-03-18 18:27:03 -04:00
LICENSE Updated mirrors and LICENSE 2024-01-20 19:23:34 -05:00
nsec3 Added full dnssec data for all tlds and started improving nsec/nsec3 walks 2023-11-13 23:01:08 -05:00
nwalk nwalk script for NSEC crawling complete, optimized to pipe in from the stdin, documentation updated 2024-03-18 18:27:03 -04:00
README.md nwalk script for NSEC crawling complete, optimized to pipe in from the stdin, documentation updated 2024-03-18 18:27:03 -04:00

NSECX

Research project on NSEC[3] walking for DNSSEC enabled Zones

[Work in Progress]

The repository contains utilities for DNSSEC zone enumeration and subdomain discovery via NSEC/NSEC3 walking. It focuses on extracting and analyzing DNSSEC records for TLDs and specific target domains. Meant for educational purposes, security research, and sanctioned penetration testing, these tools aid in uncovering the underlying mechanisms of DNS security.

DNSSEC Statistics

Status Percentage TLDs
NSEC3 90% 1,313
NSEC 3% 51
NO DNSSEC 7% 98

NSEC Pitfalls

  • Results inconsistent, must hop dns servers on ALL issues to continue the crawl.

  • Running into \000 (null) characters in sub-domains (strange bind version issue missing "w" character in the charmap)

  • Running into *.domain.tld issues creates a crawling loop :

Next domain: myfreedom.auto.
Next domain: ne.auto.
Next domain: neom.auto.
Next domain: netdirector.auto.
Next domain: netprophet.auto.
Next domain: netto.auto.
Next domain: newjersey.auto.
Next domain: nexteer.auto.
Next domain: nextev.auto.
Next domain: nh.auto.
Next domain: nic.auto.
Next domain: *.nic.auto.
Next domain: _c311ff38bcd400b0adf7fa2b71732858.nic.auto.
Next domain: a.nic.auto.
Next domain: b.nic.auto.
Next domain: c.nic.auto.
Next domain: d.nic.auto.
Next domain: web1.nic.auto.
Next domain: web2.nic.auto.
Next domain: whois.nic.auto.
Next domain: _aa5536969dd3a62238209b6b2b750c1c.whois.nic.auto.
Next domain: www.nic.auto.
Next domain: _b529263a31adafb2e3be5d632e66c16b.www.nic.auto.
Next domain: nic.auto.
Next domain: *.nic.auto.
Next domain: _c311ff38bcd400b0adf7fa2b71732858.nic.auto.
Next domain: a.nic.auto.
Next domain: b.nic.auto.
Next domain: c.nic.auto.
Next domain: d.nic.auto.
Next domain: web1.nic.auto.
Next domain: web2.nic.auto.
Next domain: whois.nic.auto.
Next domain: _aa5536969dd3a62238209b6b2b750c1c.whois.nic.auto.
Next domain: www.nic.auto.
Next domain: _b529263a31adafb2e3be5d632e66c16b.www.nic.auto.
Next domain: nic.auto.
Next domain: *.nic.auto.
Next domain: _c311ff38bcd400b0adf7fa2b71732858.nic.auto.

References


Mirrors for this repository: acid.vegasSuperNETsGitHubGitLabCodeberg