Recon Wave helps organizations protect their external attack surfaces. While enumerating all DNS records isn't inherently a security risk, it can reveal unnecessary information to adversaries. This information might lead them to unpatched services, shadow IT, supply chain details, or more generally to insights into the organization's infrastructure.
In this post, we want to raise awareness about a technique that's less commonly supported nowadays but still relevant in some cases: DNS zone enumeration using NSEC (and occasionally NSEC3) records.