Summary: BadDNS is a comprehensive open-source Python tool designed for DNS auditing, specifically aimed at detecting domain and subdomain takeovers. Its unique features extend beyond basic detection, providing insights into potential vulnerabilities associated with trusted domains and resources. The tool automates signature updates to ensure it remains current with the latest vulnerabilities, streamlining the auditing process for users.
Affected: Organizations and systems relying on DNS records
Keypoints :
- Modules for checking CNAME, NS, MX records, and conducting zone transfers to identify takeover opportunities.
- References module assesses second-order takeovers by analyzing trusted external domains.
- Automated signature updates from various reputable sources to maintain an up-to-date signature database.
- Future plans include supporting additional DNS record types and detecting DNSSEC-related vulnerabilities.
- Available for free on GitHub, enhancing accessibility to DNS security.
Source: https://www.helpnetsecurity.com/2025/02/03/baddns-open-source-tool-check-domain-subdomain-takeover/