53 - DNS

Forward Lookup: Domain → IP Reverse Lookup: IP → Domain

Following does the job

1. nslookup: nslookup --- SERVER <IP> --- 127.0.0.1

2. God command: dig @<IP> any <domain_name>

3. God command: dig axfr <domain_name> @<IP>

4. Nmap: nmap -n --script "(default and dns) or fcrdns or dns-srv-enum or dns-random-txid or dns-random-srcport" <IP>

5. DNSRecon: dnsrecon -d <domain_name> -n <IP>

6. DNSEnum: dnsenum <domain_name>

7. Nmap Zone Transfer: nmap --script=dns-zone-transfer -p 53 <domain_name>

53 - Pentesting DNSHackTricks