This simple script will output a list of Open DNS Resolver having recursion enabled.
These servers are likely to be used from hacker or simply disturbed people to do DDOS DNS Amplification attacks.
- Added multithreading
The simplest use case scenario is to run the script and wait for the list file to be populated with open recursive resolvers.
$ pip install -r requirements.txt
$ python SadTruth.pyThis script is also able to make a smarter analysis and output only servers that are more likely to suffer DNS amplification.
To make the list you only have to run :
$ python SadTruth.py --ampYou can use a custom number of threads.
By default the initial dns list is gathered with OSINT and downloaded from here.
But you can supply your own by simply passing the filename to the command line :
$ python SadTruth.py --file my_dns_list.txtThese dns servers can be used for DNS amplification attacks.
DDOS attacks are illegal so be wise and responsible and use this tool only for threat intel purpose.
The script may not work if you are running it over TOR network.