DNS-Enumeration

NSLOOKUP

Usage:

To use DNS server in settings:

nslookup <ip>

Specify DNS server:

nslookup <ip> <dns-server>

Dig

Find name server:

dig @<dns-server> +short NS <domain>

NMAP

Find dns server in a network:

sudo nmap -Pn --open <network ID>/<subnet #> -p T:53 -oG <file-name>.txt

Clean output of dns server

cat <file-name>.txt | grep -v Nmap | grep -v / | awk '{print $2}'