Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User

ID KITPLOIT:96717633675917765
Type kitploit
Reporter KitPloit
Modified 2019-05-01T21:27:03


By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enables enumeration and exporting of all DNS records in the zone for recon purposes of internal networks.

For more info, read the associated blog post .

Install and usage
You can either install the tool via pip with pip install adidnsdump or install it from git to have the latest version:

git clone
cd adidnsdump
pip install .


pip install git+

The tool requires impacket and dnspython to function. While the tool works with both Python 2 and 3, Python 3 support requires you to install impacket from GitHub .
Installation adds the adidnsdump command to your PATH . For help, try adidnsdump -h . The tool can be used both directly from the network and via an implant using proxychains. If using proxychains, make sure to specify the --dns-tcp option.

Download Adidnsdump