A comprehensive tool designed to test the effectiveness of DNS security solutions (DNS Firewall, Sinkhole, etc.). This tool evaluates how successfully DNS security solutions block malicious domains by testing them against domains collected from various threat intelligence sources.
- Support for multiple threat intelligence sources
- DNS Firewall and Sinkhole testing capabilities
- Fast analysis with parallel DNS queries
- Detailed HTML reporting
- Support for various domain formats (URL, hostfile, CSV, etc.)
- Comprehensive domain filtering and validation
- Install Python 3.8 or higher
- Clone the repository:
git clone https://github.com/yourusername/DNSGapHunter.git
cd DNSGapHunter- Create and activate virtual environment:
python -m venv venv
source venv/bin/activate # Linux/Mac
# or
venv\Scripts\activate # Windows- Install required packages:
pip install -r requirements.txtTo run the tool:
python DNSGapHunter.pyThe tool offers 4 different security configurations:
- DNS Firewall (Infoblox Threat Defense)
- DNS Firewall (Manual IP entry)
- DNS Firewall (IP list file)
- Sinkhole DNS Security
When run, the program generates the following outputs:
- DNS query results (CSV)
- Domains with no DNS records (CSV)
- Filtered domains (CSV)
- Detailed HTML report
- ThreatFox (abuse.ch)
- URLhaus (abuse.ch)
- OpenPhish
- CyberCrime
- Botvrij
- StopForumSpam
- PhishingArmy
You can customize the following settings in config.py:
- DNS timeout duration
- DNS retry count
- Maximum domain count
- Thread count
- Whitelist domains
- Report directories
This project is licensed under the MIT License. See the LICENSE file for details.
- Fork this repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Create a Pull Request