About DNSWatch
DNSWatch is a powerful DNS traffic sniffing and analysis tool written in pure Python. It helps researchers sniff and monitor DNS (Domain Name System) traffic on the target network: it listens for DNS requests and responses and gives an inside view of DNS activity.
Features
1. Sniff and analyze DNS requests and responses;
2. Display the source and destination IP addresses corresponding to the DNS request;
3. The optional Verbose mode provides more detailed packet inspection;
4. Supports storing analysis results to specified output files;
5. Filter DNS traffic by a specified target IP address;
6. Store DNS requests in a database for subsequent detailed analysis;
7. Support analysis of DNS types;
8. Support DNS over HTTPS (DoH);
Tool requirements
Python 3.7+
Scapy 2.4.5+
Colorama 0.4.4+
Tool installation
Because the tool is written in Python, first install and configure a Python 3.7+ environment on the local device. Next, use the following command to clone the project source code locally:
git clone https://github.com/HalilDeniz/DNSWatch.git
Next, switch to the project directory and use the pip tool and the requirements.txt file provided by the project to install other dependent components required by the project:
pip install -r requirements.txt
Tool usage help
python dnswatch.py -i <interface> [-v] [-o <output_file>] [-t <target_ip>] [--analyze-dns-types] [--doh]
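Parameters
-i, --interface: specify the target network interface, for example eth0
-v, --verbose: enable Verbose mode
-o, --output: specify the name of the file in which to store the results
-t, --target-ip: specify the target IP address to monitor
-adt, --analyze-dns-types: analyze DNS types
--doh: use DNS over HTTPS (DoH) to resolve DNS requests
-fd, --target-domains: filter DNS requests by the specified domain names
-d, --database: enable database storage of DNS requests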
Note: Press Ctrl+C at any time to stop the sniffing task.
Tool usage examples
Sniff DNS traffic on the eth0 interface:
python dnswatch.py -i eth0
Sniff DNS traffic on the eth0 interface and store the results to a file:
python dnswatch.py -i eth0 -o dns_results.txt
Sniff DNS traffic on the eth0 interface and filter requests and responses based on the specified destination IP address:
python dnswatch.py -i eth0 -t 192.168.1.100
Sniff DNS traffic on the eth0 interface and enable DNS type analysis:
python dnswatch.py -i eth0 --analyze-dns-types
Sniff DNS traffic on the eth0 interface and use DNS over HTTPS (DoH):
python dnswatch.py -i eth0 --doh
Sniff DNS traffic on the wlan0 interface and enable database storage:
python3 dnswatch.py -i wlan0 --database
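The per-type tally that --analyze-dns-types refers to can be illustrated with the standard library alone. This is an added example, not DNSWatch's own code (DNSWatch builds on Scapy); the function names and the sample payloads are constructed for illustration, and it assumes raw UDP DNS payloads as input.

```python
import struct
from collections import Counter

QTYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}

def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, next offset)."""
    labels, end, jumps = [], None, 0
    while True:
        length = msg[off]  # IndexError if the name runs past the payload
        if length & 0xC0 == 0xC0:  # compression pointer, RFC 1035 section 4.1.4
            if jumps >= 16:
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end
            off, jumps = ((length & 0x3F) << 8) | msg[off + 1], jumps + 1
            continue
        off += 1
        if length == 0:
            return ".".join(labels) or ".", off if end is None else end
        if length > 63 or off + length > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length

def parse_question(msg):
    """Return (is_response, qname, qtype) for the first question in a message."""
    _txid, flags, qdcount = struct.unpack("!HHH", msg[:6])  # struct.error if short
    if qdcount < 1:
        raise ValueError("no question section")
    name, off = read_name(msg, 12)
    qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
    return bool(flags & 0x8000), name, QTYPES.get(qtype, f"TYPE{qtype}")

def tally_query_types(payloads):
    """Count query types over UDP payloads; unparseable ones count as 'malformed'."""
    counts = Counter()
    for payload in payloads:
        try:
            is_response, _name, qtype = parse_question(payload)
        except (ValueError, IndexError, struct.error):
            is_response, qtype = False, "malformed"
        if not is_response:  # count each lookup once, on the request side
            counts[qtype] += 1
    return counts

# Constructed sample payloads (not captured traffic).
HDR_Q, HDR_R = (struct.pack("!6H", 1, f, 1, 0, 0, 0) for f in (0x0100, 0x8180))
NAME = b"\x07example\x03com\x00"
SAMPLES = [HDR_Q + NAME + b"\x00\x01\x00\x01", HDR_Q + NAME + b"\x00\x1c\x00\x01",
           HDR_R + NAME + b"\x00\x01\x00\x01", HDR_Q + b"\xc0\x0c\x00\x01\x00\x01"]
```

The last sample's name is a compression pointer that points at itself; the jump limit is what keeps a hostile packet from hanging the parser, and the payload is counted as malformed rather than dropped silently.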
License Agreement
The development and release of this project follows the MIT open source license agreement.
Project address
DNSWatch: https://github.com/HalilDeniz/DNSWatch