Fast DNS Zone Transfer (AXFR) Scanner for Recon & Security Testing
NinjAXFR is a fast and lightweight DNS zone transfer (AXFR) scanner written in Python. It automates name server discovery and tests for misconfigured DNS servers, helping identify exposed zone data during reconnaissance and security assessments.
- Automatic NS discovery
- Concurrent scanning
- AXFR misconfiguration detection
- Full zone dump (--exploit)
- Output file support
- Verbose mode
- Silent mode
git clone https://github.com/yHunterDep/ninjaXRF/
cd ninjaXRF
pip install -r requirements.txt
chmod +x ninjaxfr
./ninjaxfr -h./ninjaxfr -h -h, --help show this help message and exit
-t TARGET, --target TARGET
Target domain to scan
-xpl, --exploit Dump full zone data if AXFR is successful.
-o OUTPUT, --output OUTPUT
Save results to a specified file.
-c CONCURRENT, --concurrent CONCURRENT
Number of concurrent threads (default: 25).
-v, --verbose Shows detailed information about each step
of the scanning process..
-s, --silent Skip Banner mode
./ninjaxfr -t zonetransfer.me./ninjaxfr -t zonetransfer.me -c 70cat domains.txt | ./ninjaxfr./ninjaxfr -t zonetransfer.me --exploit./ninjaxfr -t zonetransfer.me -o results.txtcat domains.txt | ./ninjaxfr | anew results.txtZone Transfer (medium)
Domain: zonetransfer.me
NS_SERVER: nsztm1.digi.ninja
Command to use: dig axfr zonetransfer.me @nsztm1.digi.ninja
_ _ _ __ __________
____ (_)___ (_)___ | |/ // ____/ __ \
/ __ \/ / __ \ / / __ `/ // /_ / /_/ /
/ / / / / / / / / / /_/ / |/ __/ / _, _/
/_/ /_/_/_/ /_/_/ /\__,_/_/|_/_/ /_/ |_|
/___/
ninjaXFR - DNS Zone Transfer Tool
by HunterDep
v0.1
This tool is intended for educational and authorized security testing purposes only. Do not use it against targets without permission.
HunterDep