Dnscan

Dnscan is an open source subdomain scanner used to enumerate subdomains of websites. It is a useful reconnaissance tool for information gathering during penetration testing or bug bounty hunting.

Security & Privacy Reconnaissance

subdomain enumeration scanner reconnaissance information-gathering penetration-testing bug-bounty

Dnscan alternatives ➤

Dnscan: Open Source Subdomain Scanner

An open source subdomain scanner used to enumerate subdomains of websites, useful for information gathering during penetration testing or bug bounty hunting.

What is Dnscan?

Dnscan is an open source command line tool for subdomain scanning and enumeration. It is designed to find subdomains of a target domain by using various OSINT techniques like search engine scraping, certificate transparency logs, subdomain brute forcing etc.

Some key features of Dnscan are:

Fast and multi-threaded subdomain scanning engine
Supports brute-force subdomain scanning via wordlists
Fetches subdomain data from various public sources like certificate transparency logs, search engine scraping etc.
Output subdomains list in multiple formats like JSON, CSV etc.
Easy to install and use, with support for Docker
Active development and maintenance

Dnscan is useful for information security professionals like penetration testers, bug bounty hunters, security researchers for gathering initial attack surface data during recon. It can greatly help accelerate the subdomain discovery phase. Overall, Dnscan is an effective open-source tool for subdomain enumeration with lots of potential for security assessments.

Dnscan Features

Features

Fast subdomain scanning
Multithreaded
Supports wildcards
Output to JSON/CSV/STDOUT
Brute force subdomain enumeration
Recursive subdomain scanning
Detects wildcard DNS records
Detects CDN filtering
Performs DNS zone transfers

Pricing

Open Source

Pros

Open source

Fast and efficient

Feature rich

Easy to use

Active development

Cons

Limited documentation

No official support

Requires some technical knowledge to use

Official Links

Official Website
https://github.com/rbsec/dnscan

The Best Dnscan Alternatives

Top Security & Privacy and Reconnaissance and other similar apps like Dnscan

Here are some alternatives to Dnscan:

Sublist3r

Lepus Subdomain finder

OWASP Amass

Suggest an alternative ❐

Sublist3r

Sublist3r is an open source subdomain enumeration and discovery tool for penetration testers. It is used to identify subdomains of a target domain that an attacker could use to find network vulnerabilities. Sublist3r has several useful features:It collects subdomains from many different sources including search engines, DNS dumpsters, certificates, etc....

Compare Sublist3r and Dnscan

Lepus Subdomain finder

Lepus Subdomain finder is an open-source reconnaissance tool used to discover subdomains of a given domain. It is written in Rust programming language making it very fast and efficient.Lepus utilizes various techniques to find subdomains like:Brute-force - Trying common subdomain names against the domainCertificates transparency logs - Finding subdomains from...

Compare Lepus Subdomain finder and Dnscan

OWASP Amass

OWASP Amass is an open source network mapping and asset discovery tool developed by Jeff Foley. It can be used to passively map out an organization's external attack surface by collecting information from public sources like certificate transparency logs, search engines, subdomain brute forcing, and more.Some key features of OWASP...

Compare OWASP Amass and Dnscan