DNSWatch - DNS Traffic Sniffer and Analyzer #4003

Closed
HalilDeniz opened this issue Nov 6, 2023 · 4 comments · Fixed by #4381
Labels
lang::python type::tool-request When someone ask to add a tool

Comments

@HalilDeniz

DNSWatch - DNS Traffic Sniffer and Analyzer

DNSWatch is a Python-based tool that allows you to sniff and analyze DNS (Domain Name System) traffic on your network. It listens to DNS requests and responses and provides insights into the DNS activity.
DNSWatch

Features

link of the DNSWatch

  • Sniff and analyze DNS requests and responses.
  • Display DNS requests with their corresponding source and destination IP addresses.
  • Optional verbose mode for detailed packet inspection.
  • Save the results to a specified output file.
  • Filter DNS traffic by specifying a target IP address.
  • Save DNS requests in a database for further analysis (optional).
  • Analyze DNS types (optional).
  • Support for DNS over HTTPS (DoH) (optional).

Usage

python dnswatch.py -i <interface> [-v] [-o <output_file>] [-k <target_ip>] [--analyze-dns-types] [--doh]
  • -i, --interface: Specify the network interface (e.g., eth0).
  • -v, --verbose: Use this flag for more verbose output.
  • -o, --output: Specify the filename to save results.
  • -t, --target-ip: Specify a specific target IP address to monitor.
  • -adt, --analyze-dns-types: Analyze DNS types.
  • --doh: Use DNS over HTTPS (DoH) for resolving DNS requests.
  • -fd, --target-domains: Filter DNS requests by specified domains.
  • -d, --database: Enable database storage for DNS requests.
  • -p, --pcap: Save captured packets to a .pcap file.

Press Ctrl+C to stop the sniffing process.
@HalilDeniz HalilDeniz added the type::tool-request When someone ask to add a tool label Nov 6, 2023
@noptrix
Contributor

noptrix commented Nov 6, 2023

@HalilDeniz, thank you - have you considered creating a pull request (PR) instead of spending time on writing a lengthy description for this tool? For "tool requests," a concise description along with a link to the relevant URL is typically sufficient. Just a friendly suggestion.

@noraj
Contributor

noraj commented Nov 6, 2023

spending time on writing a lengthy description

That's copy pasta from upstream README but yeah @HalilDeniz you can take a look at https://wiki.archlinux.org/title/PKGBUILD and https://github.com/BlackArch/blackarch-pkgbuilds and come with a Merge Request if you would like.

@D3vil0p3r
Contributor

@HalilDeniz solve this HalilDeniz/DNSWatch#17

@D3vil0p3r
Contributor

D3vil0p3r commented Nov 24, 2024

Packaged as standalone and it works correctly: #4381
