Hi, and welcome to this new video!

This is the last video of the Web Exploitation series, and in this video we will discuss specifically an attack that can be done to the DNS protocol known as DNS zone transfer attack.

In this video I discuss the differences between virtual hosts, handled by the HTTP protocol, and domain names, handled by the DNS protocol. I then show how to perform a DNS zone transfer attack with the dig command by simulating a vulnerable environment with docker running bind9, an open-source DNS server implementation.

If you have any feedback, please let me know!

-------------------------

TIMESTAMP

00:00 Introduction
03:10 Difference between VHOST and DNS
07:55 What is a DNS zone transfer?
09:35 DNS zone transfer in practice
14:15 Final Overview
16:00 Conclusion

-------------------------

REFERENCES

- Material: https://github.com/LeonardoE95/yt-en/tree/main/src/2024-05-17-web-exploitation-dns-zone-transfer-attacks
- OSCP repository: https://github.com/LeonardoE95/OSCP
- BurpSuite Community Edition: https://portswigger.net/burp/communitydownload


-------------------------

CONTACTS

- Blog: https://blog.leonardotamiano.xyz/
- Github: https://github.com/LeonardoE95?tab=repositories
- Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ