DNS tools
Project description
Quick overview:
>>> from dnsknife import resolver
>>> ans = resolver.query('example.com', 'A', dnssec=True)Specific queries shortcuts:
>>> import dnsknife
>>> print dnsknife.Checker('example.com').mx()
[]
>>> print dnsknife.Checker('example.com').spf()
None
>>> print dnsknife.Checker('example.com').txt()
$Id: example.com 4415 2015-08-24 20:12:23Z davids $
v=spf1 -allChecking a domain TXT record is installed, looking at each domain NS (no local caches) for a match:
>>> from dnsknife import Checker
>>> Checker('example.com', direct=True).has_txt('dbef8938bef', ['www'], ignore_case=True)
FalseQuerying a few dozen things at the same time:
>>> from dnsknife.resolver import Resolver
>>> with Resolver(timeout=2) as r:
a = r.query_at('www.example.com', 'A', '1.2.3.4')
...
x = r.query_at('www.example.com', 'A', '1.2.3.4')
>>> print a.get()
<dns.resolver.Answer at 0x7f6e3d398ad0>
>>> print x.get()
<dns.resolver.Answer at 0x7f6e3d398bd0>Scanning a zone:
In [16]: from dnsknife.scanner import Scanner
In [9]: time list(scanner.Scanner('google.com').scan())
CPU times: user 476 ms, sys: 28 ms, total: 504 ms
Wall time: 2.4 s
Out[9]:
[<DNS mail.google.com. IN CNAME RRset>,
<DNS support.google.com. IN CNAME RRset>,
<DNS google.com. IN A RRset>,
<DNS google.com. IN AAAA RRset>,
<DNS google.com. IN NS RRset>,
<DNS google.com. IN MX RRset>,
<DNS google.com. IN TXT RRset>,
<DNS www.google.com. IN A RRset>,
<DNS www.google.com. IN AAAA RRset>,
<DNS googlemail.l.google.com. IN A RRset>,
<DNS googlemail.l.google.com. IN AAAA RRset>,
<DNS mail.google.com. IN TXT RRset>,
<DNS corp.google.com. IN A RRset>,
<DNS corp.google.com. IN AAAA RRset>,
<DNS corp.google.com. IN NS RRset>,
<DNS admin.google.com. IN A RRset>,
<DNS admin.google.com. IN AAAA RRset>,
<DNS www3.l.google.com. IN A RRset>,
<DNS www3.l.google.com. IN AAAA RRset>,
<DNS googlemail.l.google.com. IN A RRset>,
<DNS googlemail.l.google.com. IN AAAA RRset>,
<DNS www3.l.google.com. IN A RRset>,
<DNS www3.l.google.com. IN AAAA RRset>,
<DNS ns4.google.com. IN A RRset>,
<DNS ns2.google.com. IN A RRset>,
<DNS ns1.google.com. IN A RRset>,
<DNS ns3.google.com. IN A RRset>,
<DNS alt4.aspmx.l.google.com. IN A RRset>,
<DNS alt4.aspmx.l.google.com. IN AAAA RRset>,
<DNS aspmx.l.google.com. IN A RRset>,
<DNS aspmx.l.google.com. IN AAAA RRset>,
<DNS alt2.aspmx.l.google.com. IN A RRset>,
<DNS alt2.aspmx.l.google.com. IN AAAA RRset>,
<DNS alt1.aspmx.l.google.com. IN A RRset>,
<DNS alt1.aspmx.l.google.com. IN AAAA RRset>,
<DNS alt3.aspmx.l.google.com. IN A RRset>,
<DNS alt3.aspmx.l.google.com. IN AAAA RRset>,
<DNS ns2.google.com. IN A RRset>,
<DNS ns1.google.com. IN A RRset>,
<DNS ns3.google.com. IN A RRset>,
<DNS ns4.google.com. IN A RRset>]It can be used for DNSSEC lookups, implements a few CDS/CDNSKEY drafts:
>>> c = Checker('example.com', dnssec=True)
>>> print c.spf()
None
>>> Checker('ten.pm').cdnskey()
---------------------------------------------------------------------------
BadCDNSKEY Traceback (most recent call last)
...
BadCDNSKEY: 1324 did not sign DNSKEY RR>>> from dnsknife import dnssec, resolver
>>> keys = resolver.query('example.com', 'DNSKEY')
>>> dnssec.signed_by(ans, keys[0])
True>>> dnssec.signers(dnsknife.Checker('pm.', dnssec=True)
.query_relative('', 'DNSKEY'))
{<DNS name pm.>: [35968, 60859]}>>> dnssec.trusted(ans)
TrueFinally it implements TPDA - the draft can be found in docs.
A third party provider wanting to change customer NS:
>>> from dnsknife import tpda
>>> # initialize with private key from repo:
>>> client = tpda.Client('ten.pm', 'dnsknife/tests/test.key')
>>> # generate url for domain
>>> URI = client.nameservers_uri('whe.re', ['ns1.ten.pm','ns2.ten.pm'])A DNS operator/registrar validating inbound params:
>>> tpda.validate_URI(URI)
'http://partners.gandi.net/nameservers/v1?source=ten.pm&domain=whe.re&expires=20160415000918&ns=ns1.ten.pm&ns=ns2.ten.pm'
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dnsknife-0.5.tar.gz
(12.9 kB
view hashes)
