dnswalk is a DNS debugger. It performs zone transfers of specifieddomains, and checks the database in numerous ways for internalconsistency, as well as accuracy.
-r = Recursively descend sub-domains of the specified domain. Use with care.
-a = Turn on warning of duplicate A records. (see below)
-d = Print debugging and ‘status’ information to stderr. (Use only if redirecting stdout) See DIAGNOSTICS section.
-m = Perform checks only if the zone has been modified since the previous run.
-F = perform “forced” checking. When checking an A record, compare the PTR name for each IP address with the forward name and report mismatches.
-i = Suppress check for invalid characters in a domain name. (see below)
-l = Perform “lame delegation” checking. For every NS record, check to see that the listed host is indeed returning authoritative answers for this domain.
root@bt:/pentest/enumeration/dns/dnswalk# ./dnswalk -r -d url-to-show-how.com.
Getting zone transfer of url-to-show-how.com. from a.iana-servers.net…failed
FAIL: Zone transfer of url-to-show-how.com. from a.iana-servers.net failed: Response code from server: REFUSED
!Getting zone transfer of url-to-show-how.com. from b.iana-servers.net…failed
FAIL: Zone transfer of url-to-show-how.com. from b.iana-servers.net failed: Response code from server: REFUSED
!BAD: All zone transfer attempts of url-to-show-how.com. failed!
!2 failures, 0 warnings, 1 errors.