daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1693 from projectdiscovery/nameserver-detection 

Added NS based fingerprint template
patch-1
Sandeep Singh 2021-06-14 18:59:40 +05:30 committed by GitHub
parent 5d858448b7 35eaafe203
commit ca35715b17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 232 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

232
dns/nameserver-detection.yaml Normal file
View File

@ -0,0 +1,232 @@
id: nameserver-detection
info:
name: NS Detection
author: pdteam
severity: info
tags: dns,ns
reference: https://github.com/indianajson/can-i-take-over-dns
dns:
- name: "{{FQDN}}"
type: NS
class: inet
recursion: true
retries: 3
matchers-condition: or
matchers:
- type: word
name: 000domains
condition: or
words:
- "ns1.000domains.com"
- "ns2.000domains.com"
- "fwns1.000domains.com"
- "fwns2.000domains.com"
- type: word
name: azure
condition: or
words:
- ".azure-dns.com"
- ".azure-dns.net"
- ".azure-dns.org"
- ".azure-dns.info"
- type: word
name: bizland
condition: or
words:
- "ns1.bizland.com"
- "ns2.bizland.com"
- type: word
name: cloudflare
words:
- "ns.cloudflare.com"
- type: word
name: digitalocean
condition: or
words:
- "ns1.digitalocean.com"
- "ns2.digitalocean.com"
- "ns2.digitalocean.com"
- type: word
name: dnsmadeeasy
words:
- ".dnsmadeeasy.com"
- type: word
name: dnsimple
condition: or
words:
- "ns1.dnsimple.com"
- "ns2.dnsimple.com"
- "ns3.dnsimple.com"
- "ns4.dnsimple.com"
- type: word
name: domain
condition: or
words:
- "ns1.domain.com"
- "ns2.domain.com"
- type: word
name: dotster
condition: or
words:
- "ns1.dotster.com"
- "ns2.dotster.com"
- type: word
name: easydns
condition: or
words:
- "dns1.easydns.com"
- "dns2.easydns.com"
- "dns3.easydns.com"
- "dns4.easydns.com"
- type: word
name: googledomains
words:
- ".googledomains.com"
- type: word
name: hurricane-electric
condition: or
words:
- "ns1.he.net"
- "ns2.he.net"
- "ns3.he.net"
- "ns4.he.net"
- "ns5.he.net"
- type: word
name: linode
condition: or
words:
- "ns1.linode.com"
- "ns1.linode.com"
- type: word
name: mediatemple
condition: or
words:
- "ns1.mediatemple.net"
- "ns2.mediatemple.net"
- type: word
name: mydomain
condition: or
words:
- "ns1.mydomain.com"
- "ns2.mydomain.com"
- type: word
name: name
words:
- ".name.com"
- type: word
name: nsone
words:
- ".nsone.net"
- type: word
name: tierranet
condition: or
words:
- "ns1.domaindiscover.com"
- "ns2.domaindiscover.com"
- type: word
name: yahoo
condition: or
words:
- "yns1.yahoo.com"
- "yns2.yahoo.com"
- type: word
name: domainpeople
condition: or
words:
- "ns1.domainpeople.com"
- "ns2.domainpeople.com"
- type: word
name: hover
condition: or
words:
- "ns1.hover.com"
- "ns2.hover.com"
- type: word
name: networksolutions
words:
- ".worldnic.com"
- type: word
name: activision
words:
- ".activision.com"
- type: word
name: aws-route53
words:
- ".awsdns-"
- type: word
name: apple
condition: or
words:
- "a.ns.apple.com"
- "b.ns.apple.com"
- "c.ns.apple.com"
- "d.ns.apple.com"
- type: word
name: capitalone
condition: or
words:
- "ns1.capitalone.com"
- "ns2.capitalone.com"
- "ns3.capitalone.com"
- type: word
name: csust
condition: or
words:
- "0xd0a1.csust.netm"
- "0xd0a2.csust.net"
- "0xd0a3.csust.net"
- "0xd0a4.csust.net"
- type: word
name: disney
condition: or
words:
- "ns1.twdcns.com"
- "ns2.twdcns.com"
- "ns3.twdcns.info"
- "ns4.twdcns.info"
- "ns5.twdcns.co.uk"
- "ns6.twdcns.co.uk"
- type: word
name: lowes
condition: or
words:
- "authns1.lowes.com"
- "authns2.lowes.com"
- type: word
name: tmobile
condition: or
words:
- "ns10.tmobileus.com"
- "ns10.tmobileus.net"