dnsmap
« Back to VersTracker
Description:
Passive DNS network mapper (a.k.a. subdomains bruteforcer)
Type: Formula  |  Latest Version: 0.36@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: reconnaissance subdomain enumeration osint security
Install: brew install dnsmap
About:
dnsmap is a passive DNS network mapper used to discover subdomains by leveraging publicly accessible DNS records. It operates without sending direct probes to the target, making it stealthier than active brute-forcing tools. This makes it ideal for reconnaissance phases where avoiding detection is a priority.
Key Features:
  • Passive reconnaissance via public DNS data sources
  • Cross-platform compatibility (Linux, macOS, Windows)
  • Supports custom wordlists for subdomain enumeration
  • Outputs results in CSV or standard text formats
Use Cases:
  • Performing stealthy reconnaissance to map a target's attack surface
  • Identifying subdomains for penetration testing engagements
  • Gathering open-source intelligence (OSINT) on a domain
Alternatives:
  • sublist3r – Sublist3r aggregates results from multiple search engines and passive DNS sources, often providing faster results with wider source coverage.
  • amass – Amass is a more comprehensive suite that performs both passive enumeration and active brute-forcing/certificate transparency searches.
License: GPL-2.0-or-later AND GPL-3.0-or-later
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, arm64_monterey, arm64_big_sur, sonoma, ventura, monterey, big_sur, catalina, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Sep 14, 2025 7:32pm 0 VERSION_BUMP 97655eb1
« Back to VersTracker  |  Browse Packages  |  About