Skip to main content
HomePentest-Tools.com Logo
Infrastructure Testing

DNS Zone Transfer

Attempt DNS Zone Transfer against the name servers of the target domain.

Sample report
Use cases
Technical details

Reporting

Sample DNS Zone Transfer report

Here is a sample report from our DNS Zone Transfer that gives you a taste of how our tools save you time and reduce repetitive manual work.

  • Includes all the name servers of target domain

  • Shows the full DNS Zone file if accessible

See sample report
DNS Zone Transfer Report Sample

How to use the pentesting tool

Use Cases for DNS Zone Transfer

Check if the name servers of the target domain are vulnerable to DNS Zone Transfer and attempt to retrieve the full DNS Zone file.

Better vulnerability discovery.Faster pentest reporting.

Get instant access to custom vulnerability scanners and automation features that simplify the pentesting process and produce valuable results. The platform helps you cover all the stages of an engagement, from information gathering to website scanning, network scanning, exploitation and reporting.

Create your account
Pentest-Tools.com DNS Zone Transfer Sample Report

DNS Zone Transfer

Technical details

DNS servers shouldn't allow zone transfers towards any IP address from the Internet.

Zone files contain complete information about domain names, subdomains, and IP addresses configured on the target name server. It is relevant to find this information because it helps increase your attack surface and better understand the internal structure of the target company (e.g., detect test servers, development servers, hidden domains, internal IP addresses, etc.)

Information gathered from zone files can help attackers implement various attacks against the target company, like targeting test or development servers that are less secure.

Parameters

ParameterDescription
Target domain nameThis is the base domain name for which you want to try zone transfer.

How it works

The tool starts by discovering all the name servers associated with your target domain. Then, to each name server, it sends a Zone Transfer (AXFR) DNS request and checks if it is successful or not. In case of success, the entire zone file is displayed.