Skip to content
/ DSAT-DNSSecurityAnalysisTool Public

The DNS Security Analysis Tool is a Python-based utility designed to conduct an in-depth security analysis of DNS configurations for multiple domains.

License

Apache-2.0 license
9 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shamimrezasohag/DSAT-DNSSecurityAnalysisTool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
.github
.github
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
dns_security_analysis_tool.py
dns_security_analysis_tool.py
 
 

Repository files navigation

DSAT-DNSSecurityAnalysisTool

Description

The DNS Security Analysis Tool is a Python-based utility designed to conduct an in-depth security analysis of DNS configurations for multiple domains. It queries various DNS record types and performs specialized checks, including DNSSEC verification, open resolver detection, and reverse DNS mismatch analysis. This tool is handy for network administrators, cybersecurity professionals, and anyone interested in DNS security.

Key Features

  • Comprehensive DNS Record Queries: Retrieves various DNS record types such as A, AAAA, MX, TXT, NS, CNAME, SOA, SPF, DKIM, DNSKEY, DS.
  • DNSSEC Verification: Checks for the implementation of DNSSEC, enhancing the security of DNS queries.
  • Open Resolver Detection: Identifies potential open resolvers that might be used in DNS amplification attacks.
  • Reverse DNS Mismatch Analysis: Examines mismatches between forward and reverse DNS records.
  • Anomaly Detection: Basic analysis to identify potential anomalies and unusual entries in DNS records.
  • Response Code Logging: Captures and logs DNS response codes for each query for further analysis.
  • Domain Name Validation: whether the domain exists or not. If not, no further check will be done.
  • Empty Row filtering: If the file contains an empty row, it will check and skip that part.

Key Notes:

  • check_open_resolver Function: This function uses the dig command to determine if the given domain is an open resolver. Ensure the environment where this script is run has the dig command available.
  • check_dnssec Function: Performs DNSSEC validation for the domain using the specified nameservers.
  • analyze_records Function: Placeholder for analyzing DNS records for anomalies. Specific logic can be implemented based on the requirements.
  • Reporting and Processing: The script generates a report in the chosen format and processes each domain in the input file, showing progress with a tqdm progress bar.

This script should now provide comprehensive DNS security analysis, including open resolver checking and DNSSEC validation, among other features. Test this script in your environment to ensure it performs as expected. Please let me know if you encounter any issues or need further modifications!

Prerequisites

  • Python 3.x
  • dnspython pnadas tqdm library

Installation

  1. Clone the repository: git clone https://github.com/shamimrezasohag/DSAT-DNSSecurityAnalysisTool.git
  2. Navigate to the cloned directory: cd dns-security-analysis-tool
  3. Install the required Python package: pip install dnspython pandas tqdm

Usage

Run the script from the command line by specifying the input file containing domain names and other optional parameters: python3 dns_security_analysis_tool.py --domains-file domains.txt --format csv --output dns_security_report

Command-Line Arguments

  • --domains-file: Path to the file containing the list of domains for analysis.
  • --dns-server: (Optional) DNS server to use for queries (default: 8.8.8.8).
  • --format: (Optional) output report format (json, csv, html).
  • --output: (Optional) Name of the output file (without extension).

Bug Reporting and Contributions

Reporting Bugs

If you encounter any bugs or issues with the DNS Security Analysis Tool, please report them to us for investigation. You can submit bug reports via our GitHub Issues page:

Submit a Bug Report

When reporting a bug, please provide as much detail as possible, such as the steps to reproduce the issue, the expected outcome, and any relevant logs or screenshots.

Contributing

I want you to know that contributions to this project are welcome. Please feel free to fork the repository, make changes, and submit a pull request.

For more details on how to contribute, please read our CONTRIBUTING.md file.

Reporting Security Vulnerabilities

We take the security of our project seriously. If you find any security vulnerabilities in our tool, please report them responsibly. To report a security vulnerability, please follow the steps outlined in our Security Policy.

Your report should include details of the vulnerability, how it can be exploited, and any potential impact. Please do not disclose the vulnerability publicly until we have had a chance to resolve it.

Features added

  • Progress Bar: Real-time visual feedback on script execution with a progress bar.
  • Input Validation
  • Empty Row filtering

License

This project is licensed under the Apache License 2.0. For more details, please look at the LICENSE file.

Contact

Please contact Shamim for any questions or feedback.

About

The DNS Security Analysis Tool is a Python-based utility designed to conduct an in-depth security analysis of DNS configurations for multiple domains.

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity

Stars

9 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages