By
itsMe
Hidden Content
Give reaction to this post to see the hidden content.
SnitchDNS
SnitchDNS is a database-driven DNS Server with a Web UI, written in Python and Twisted, that makes DNS administration easier with all configuration changed applied instantly without restarting any system services.
One of its main features is the logging of all DNS queries allowing the discovery of network traffic endpoints, and it can also be used to implement canary tokens as it supports notifications via e-mail, web push, Slack, and Teams. Red teamers can also use SnitchDNS to monitor phishing domains for sandboxes, integrate with SIEM solutions, restrict responses to specific IP ranges, egress data via a DNS tunnel and catch-all domains, and more.
Basic Features
Database Driven.
Changes are reflected immediately on each DNS request.
Supported DBMS:
SQLite
MySQL / MariaDB
Postgres
DNS Server
Support for common DNS Records.
A, AAAA, AFSDB, CNAME, DNAME, HINFO, MX, NAPTR, NS, PTR, RP, SOA, SPF, SRV, SSHFP, TSIG, TXT.
Catch-All Domains.
Ability to match any subdomain (no matter the depth) to a specific parent domain, for instance, *.hello.example.com.
Unmatched Record Forwarding.
Functionality to intercept specific queries (ie only A and CNAME) and forward all other records to a third-party DNS server (ie Google).
Tags and Aliases.
IP Rules
Configure Allow/Block rules per domain.
Notifications. Receive a notification when a domain is resolved, via:
E-mail
Web Push
Slack
Microsoft Teams
User Management
Multi-User support
Each user is given their own subdomain to use.
LDAP Support
Two Factor Authentication
Password Complexity Management
Logging
All DNS queries are logged, whether they have been matched or not.
CSV Logging for SIEM integration.
Swagger 2.0 API
Deployment
Ansible scripts for Ubuntu 18.04 / 20.04
Docker
CLI support for the zone, record, user, and settings management.
CSV Export/Import
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content.
What you guy's are using with RAT ? Dns alone or DNS + Vpn ?
Share this post
Link to post
Share on other sites