Skip to content

fix(dns-scanner): extended CNAME/NS results#7442

Open
lcampbell2 wants to merge 6 commits into
masterfrom
fix/split-dns-query-scanner-results
Open

fix(dns-scanner): extended CNAME/NS results#7442
lcampbell2 wants to merge 6 commits into
masterfrom
fix/split-dns-query-scanner-results

Conversation

@lcampbell2

Copy link
Copy Markdown
Collaborator

Improve DNS scanner output for takeover/hijack detection by fixing NS direct-query evidence and adding per-query DNS response codes. This updates the scan payload to better support CNAME and Sitting Duck classification while preserving current scan flow.

  • Add query_res with per-record-type DNS rcodes (A, SOA, NS, CNAME).
  • Add ns_delegations block with per-NS checks and derived lame_type (none/partial/full).

@lcampbell2 lcampbell2 requested a review from FestiveKyle July 7, 2026 20:41
@lcampbell2 lcampbell2 changed the title Fix: extended CNAME/NS results fix(dns-scanner): extended CNAME/NS results Jul 7, 2026
Comment thread scanners/dns-scanner/dns_scanner/ns_registrar.py Outdated
Comment thread scanners/dns-scanner/dns_scanner/ns_registrar.py Outdated
Comment thread scanners/dns-scanner/dns_scanner/dns_scanner.py Outdated
return ns_ip


def check_ns_delegations(domain, zone_apex, ns_records, resolver=None, timeout_sec=10):

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm having trouble getting this to flag a real lame nameserver, do you have a working domain I can test it against?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants