Passive DNS network mapping

Dnsmap – Passive DNS network mapper a.k.a. subdomains bruteforcer.

dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc …

Subdomain brute-forcing is another technique that should be used in the enumeration stage, as it’s especially useful when other domain enumeration techniques such as zone transfers don’t work.


dnsmap <target-domain> [options]


-w <wordlist-file>
-r <regular-results-file>
-c <csv-results-file>
-d <delay-millisecs>
-i <ips-to-ignore> (useful if you're obtaining false positives)


dnsmap -w yourwordlist.txt -r /tmp/domainbf_results.txt
dnsmap -r /tmp/ -d 3000
dnsmap -r ./domainbf_results.txt

Results example:

user@kali:~# dnsmap
dnsmap 0.30 - DNS Network Mapper by pagvac (
[+] searching (sub)domains for using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests
IP address #1:
IP address #1:
IP address #1:
IP address #1:
[+] 4 (sub)domains and 4 IP address(es) found
[+] completion time: 195 second(s)

How to search for folders in windows 7

Either in start menu search textbox or explorer search textbox type:

name:=folder_name kind:=folder

> Hit enter.

for ex. to delete all .svn files because you are moving to git:

name:=.svn kind:=folder

> Select all results and Shift+Delete.

Set up an empty repository in Git server

> Open your ubuntu distribution
> Create an empty folder

mkdir /home/myusername/dev/myproject.git
cd /home/myusername/dev/myproject.git

> Initialize an empty repository

git init --bare

How to create SSH key pair in Ubuntu

> Press Alt+F2.
> Type seahorse.
> Click the green plus sign.
> Choose Secure Shell Key and click continue.
> Follow the step by step procedure.

Extract all strings using Mono.Cecil in C#

First check this post on how to build and use Mono.Cecil library.

private List<String> ReadAssemblyStrings(String executable)
	if (!File.Exists(executable)) return null;
	AssemblyDefinition AssemblyDef = AssemblyDefinition.ReadAssembly(executable);
	List<String> sstrs = new List<String>();
	foreach (ModuleDefinition md in AssemblyDef.Modules)
	    foreach (TypeDefinition td in md.GetTypes())
		foreach (MethodDefinition mdf in td.Methods)
		    if (mdf.HasBody)
			for (int i = 0; i < mdf.Body.Instructions.Count; i++)
			    Instruction id = mdf.Body.Instructions[i];
			    if (id.OpCode == OpCodes.Ldstr)
	return sstrs;
	return null;

How to use Mono.Cecil

> Download or Clone Mono.Cecil source code from github.

> Open Solution file (Mono.Cecil.sln) with your Visual Studio.

> Build Solution (Compile). There are 12(Debug & Release) build configurations available. Choose the one that fits your needs.

.Net 2 Debug/Release
.Net 3.5 Debug/Release
.Net 4 Debug/Release
.Net 4.5 Debug/Release
SilverLight Debug/Release
Windows Phone Debug/Release

> Add Mono.Cecil.dll in your project, as a reference.

How to get the local IP address(es) using C in Windows

GetIpAddrTable function

You have to add the following libraries into your project:
ws2_32.lib and iphlpapi.lib.

Check this post on how to link your eclipse project with libraries.

#include <winsock2.h>
#include <iphlpapi.h>
#include <windows.h>
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
int main(void)
	int i;
	DWORD dwSize = 0;
	DWORD dwRetVal = 0;
	if (pIPAddrTable) {
	  if (GetIpAddrTable(pIPAddrTable, &dwSize, 0) ==
		pIPAddrTable = (MIB_IPADDRTABLE *) MALLOC(dwSize);
	  if (pIPAddrTable == NULL) exit(1);
	if ( (dwRetVal = GetIpAddrTable( pIPAddrTable, &dwSize, 0 )) != NO_ERROR ) exit(1);
	for (i=0; i < (int) pIPAddrTable->dwNumEntries; i++) {
	  IPAddr.S_un.S_addr = (u_long) pIPAddrTable->table[i].dwAddr;
	  printf("%s", inet_ntoa(IPAddr) );
	  IPAddr.S_un.S_addr = (u_long) pIPAddrTable->table[i].dwMask;
	  printf(" %s\n", inet_ntoa(IPAddr) );
	if (pIPAddrTable) {
	  pIPAddrTable = NULL;

How to link winsock library in Eclipse CDT

1.Right click on project’s name to open its Properties or hit Alt+Enter.
2. Expand C/C++ Build on the tree.
3. Select Settings.
4. Open Tool Settings Tab.
5. Select Libraries under Cross GCC Linker.
6. Add a new entry ws_32 in the right top section (Libraries (-l)).
7. In your project’s source now, add these lines:

#include <winsock2.h>
#include <windows.h>

Get current process id with C in Linux

getpid function

#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
int main(void)
    printf("%d", getpid());
    return EXIT_SUCCESS;

Get current process id with C in Windows.

Get current process id in C

GetCurrentProcessId function

#include <stdlib.h>
#include <stdio.h>
#include <windows.h>
int main(void)
    printf("%lu", GetCurrentProcessId());
    return EXIT_SUCCESS;

Get current process id with C in Linux.