Fierce is a powerful DNS reconnaissance tool designed to help security professionals and developers gather crucial information about network infrastructure. It excels at discovering subdomains, scanning IP ranges, and performing various other DNS-related tasks that are essential for security audits and network analysis.
Below are common usage examples for the Fierce tool, illustrating its versatility in different scanning scenarios.
This command initiates a DNS scan for a specified domain and saves the results to a designated output file. This is useful for later analysis or reporting.
fierce -dns <domain> -file <output_file>You can direct Fierce to use a particular DNS server for its queries, which can be helpful for testing specific DNS configurations or bypassing certain network restrictions.
fierce -dns <domain> -dnsserver <server>This functionality allows for scanning internal network segments to identify active hosts and their DNS records within a given IP range, using a specified DNS server.
fierce -range <ip-range> -dnsserver <server>Leverage a custom wordlist to brute-force potential subdomains for a target domain. This method can uncover hidden or non-standard subdomains.
fierce -dns <domain> -wordlist <wordlist>Configure scan parameters such as TCP timeout and the number of IP addresses to branch from discovered addresses, enabling more in-depth and targeted reconnaissance.
fierce -dns <domain> -tcptimeout <# seconds> -traverse <# addresses>Process a list of domains from a file and perform a wide scan across the entire class C network for each discovered IP address, providing comprehensive network mapping.
fierce -dnsfile <file> -wide- IANA Domain Name System - Official information on domain name registration and management.
- DNS-OARC - A community for DNS operations, research, and analysis.
- OWASP DNS Reconnaissance - Information on DNS reconnaissance vulnerabilities and best practices.