>>> from dnsknife import resolver
>>> ans = resolver.query('example.com', 'A', dnssec=True)Specific queries shortcuts:
>>> import dnsknife
>>> print dnsknife.Checker('example.com').mx()
[]
>>> print dnsknife.Checker('example.com').spf()
None
>>> print dnsknife.Checker('example.com').txt()
$Id: example.com 4415 2015-08-24 20:12:23Z davids $
v=spf1 -allChecking a domain TXT record is installed, looking at each domain NS (no local caches) for a match:
>>> from dnsknife import Checker
>>> Checker('example.com', direct=True).has_txt('dbef8938bef', ignore_case=True)
FalseOr, if you are into domain challenges:
>>> from dnsknife import Checker
>>> Checker('example.com').has_challenge('secretkey')
False
>>> Checker('example.com').challenge('secretkey')
'f1ef9be83f844d64f8f2bea8bcfb9f7f4cf0792487ae24707937344dbec8f4fb'Querying a few dozen things at the same time:
>>> from dnsknife.resolver import Resolver
>>> with Resolver(timeout=2) as r:
a = r.query_at('www.example.com', 'A', '1.2.3.4')
...
x = r.query_at('www.example.com', 'A', '1.2.3.4')
>>> print a.get()
<dns.resolver.Answer at 0x7f6e3d398ad0>
>>> print x.get()
<dns.resolver.Answer at 0x7f6e3d398bd0>Scanning a zone:
In [16]: from dnsknife.scanner import Scanner
In [9]: time list(Scanner('google.com').scan())
CPU times: user 476 ms, sys: 28 ms, total: 504 ms
Wall time: 2.4 s
Out[9]:
[<DNS mail.google.com. IN CNAME RRset>,
<DNS support.google.com. IN CNAME RRset>,
<DNS google.com. IN A RRset>,
<DNS google.com. IN AAAA RRset>,
<DNS google.com. IN NS RRset>,
<DNS google.com. IN MX RRset>,
<DNS google.com. IN TXT RRset>,
<DNS www.google.com. IN A RRset>,
<DNS www.google.com. IN AAAA RRset>,
<DNS googlemail.l.google.com. IN A RRset>,
<DNS googlemail.l.google.com. IN AAAA RRset>,
<DNS mail.google.com. IN TXT RRset>,
<DNS corp.google.com. IN A RRset>,
<DNS corp.google.com. IN AAAA RRset>,
<DNS corp.google.com. IN NS RRset>,
<DNS admin.google.com. IN A RRset>,
<DNS admin.google.com. IN AAAA RRset>,
<DNS www3.l.google.com. IN A RRset>,
<DNS www3.l.google.com. IN AAAA RRset>,
<DNS googlemail.l.google.com. IN A RRset>,
<DNS googlemail.l.google.com. IN AAAA RRset>,
<DNS www3.l.google.com. IN A RRset>,
<DNS www3.l.google.com. IN AAAA RRset>,
<DNS ns4.google.com. IN A RRset>,
<DNS ns2.google.com. IN A RRset>,
<DNS ns1.google.com. IN A RRset>,
<DNS ns3.google.com. IN A RRset>,
<DNS alt4.aspmx.l.google.com. IN A RRset>,
<DNS alt4.aspmx.l.google.com. IN AAAA RRset>,
<DNS aspmx.l.google.com. IN A RRset>,
<DNS aspmx.l.google.com. IN AAAA RRset>,
<DNS alt2.aspmx.l.google.com. IN A RRset>,
<DNS alt2.aspmx.l.google.com. IN AAAA RRset>,
<DNS alt1.aspmx.l.google.com. IN A RRset>,
<DNS alt1.aspmx.l.google.com. IN AAAA RRset>,
<DNS alt3.aspmx.l.google.com. IN A RRset>,
<DNS alt3.aspmx.l.google.com. IN AAAA RRset>,
<DNS ns2.google.com. IN A RRset>,
<DNS ns1.google.com. IN A RRset>,
<DNS ns3.google.com. IN A RRset>,
<DNS ns4.google.com. IN A RRset>]>>> c = Checker('example.com', dnssec=True)
>>> print c.spf()
None
>>> Checker('ten.pm').cdnskey()
---------------------------------------------------------------------------
BadCDNSKEY Traceback (most recent call last)
...
BadCDNSKEY: 1324 did not sign DNSKEY RR>>> from dnsknife import dnssec, resolver
>>> keys = resolver.query('example.com', 'DNSKEY')
>>> dnssec.signed_by(ans, keys[0])
True>>> dnssec.signers(dnsknife.Checker('pm.', dnssec=True)
.query_relative('', 'DNSKEY'))
{<DNS name pm.>: [35968, 60859]}>>> dnssec.trusted(ans)
True>>> from dnsknife import tpda
>>> # initialize with private key from repo:
>>> client = tpda.Client('ten.pm', 'dnsknife/tests/test.key')
>>> # generate url for domain
>>> URI = client.nameservers_uri('whe.re', ['ns1.ten.pm','ns2.ten.pm'])>>> tpda.validate_URI(URI)
'http://partners.gandi.net/nameservers/v1?source=ten.pm&domain=whe.re&expires=20160415000918&ns=ns1.ten.pm&ns=ns2.ten.pm'