Skip to content

πŸ” Discover if a domain is resolvable or blocked by secure DNS and Ad-blocking services, and experience the innovative idea of DaaS - DNS as an Intelligence Service.

License

Notifications You must be signed in to change notification settings

PeterDaveHello/chkdomain

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

56 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

chkdomain

Build Status

chkdomain checks if a domain can be resolved by no-filter DNS, or has been blocked by secure/protective DNS, and advertisement/tracker-blocking DNS services. It sends queries to well-known DNS servers and checks the resolution success as a basis for determining if the domain is blocked. The tool also provides links to OSINT, domain threat intelligence, and security services for the domain in question.

The DNS services currently used for sending queries are listed below:

No-filter DNS Secure DNS Ad/Tracker-blocking DNS
AdGuard (94.140.14.140) CleanBrowsing (185.228.168.9) AdGuard (94.140.14.14)
Cloudflare (1.1.1.1) Cloudflare (1.1.1.2) AhaDNS (5.2.75.75)
dns0.eu (193.110.81.254) Comodo (8.26.56.26) CONTROL D (76.76.2.2)
Freenom World (80.80.81.81) CONTROL D (76.76.2.1) dnsforge.de (176.9.93.198)
Gcore (95.85.95.85) dns0.eu (193.110.81.0) OVPN (192.165.9.157)
Google (8.8.8.8) UltraDNS (156.154.70.2) Tiarap (188.166.206.224)
Hinet (168.95.1.1) OpenDNS (208.67.222.222)
UltraDNS (64.6.64.6) Quad101 (101.101.101.101)
OpenDNS (208.67.222.2) Quad9 (9.9.9.9)
Quad9 (9.9.9.10) SafeDNS (195.46.39.39)
Yandex (77.88.8.1) Yandex (77.88.8.2)

After checking the domain, chkdomain provides direct links to the following intelligence services for more information:

If you'd like to build up your own secure DNS, check out the threat-hostlist repository. It contains many different threat-blocking blocklists to help you create a secure DNS service for your home, office, or elsewhere.

Usage

Download the chkdm script and make it executable:

$ wget https://github.com/PeterDaveHello/chkdomain/raw/master/chkdm
$ chmod +x chkdm

Check domain by running chkdm:

$ ./chkdm <domain name>

Additionally, you can put the script in your $PATH, such as /usr/local/bin, to make it executable from anywhere.

Using Custom DNS

For custom DNS checks, create CustomDNS.txt in the script's directory, listing your DNS server IPs. Use # for comments:

127.0.0.1
192.168.1.1       # Local DNS
168.95.192.1      # Hinet DNS

If you wish to use a custom file location, you can specify a custom file using CustomDNSFile variable before executing:

CustomDNSFile="/path/to/your/dnsfile.txt" ./chkdm ipinfo.tw

The script will then include these servers in its checks and provide results.

Screenshot

Screenshot

Demo

asciicast

Dependency

Only a few command-line tools are needed:

  • awk
  • bash
  • dig
  • dirname
  • head
  • nslookup
  • readlink
  • sed
  • sort

Most of the commands (awk, bash, dirname, head, readlink, sed, and sort) come pre-installed on common Linux distributions. To install dig and nslookup, use your package manager (e.g., apt, yum, pacman) to install the dnsutils (Debian/Ubuntu) or bind-utils (RHEL/CentOS, Arch/Manjaro) package.

Notice

Please be aware that domain names with records such as 0.0.0.0 or 127.0.0.1 (e.g., 0.ipinfo.tw or 1.ipinfo.tw) may yield incorrect results when checked with secure DNS and ad-blocking DNS services. The current detection method for blocked domains is relatively simple. We plan to improve this feature in future updates.

Additional Resources

There are also some malicious domains blocking services that don't directly provide DNS services and can't be queried via the HTTP GET method. As a result, we are unable to integrate them or list their corresponding query URLs in the check results. However, since they are provided by leading security companies and offer a web interface that allows you to manually submit a domain to retrieve the related intelligence, they are worth mentioning. The services are listed below:

License

GPL-3.0 (GNU GENERAL PUBLIC LICENSE Version 3)