How to use the fierce tool in Linux

The fierce tool and the dnsenum tool are identical. However, the dnsenum tool has more options than the fierce tool.

This tool is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s meant as a precursor to Nmap, unicornscan, Nessus, Nikto, etc., since all of those require that you already know what IP space you are looking for.

This does not perform exploitation and does not scan the whole internet indiscriminately. It is meant specifically to locate likely targets both inside and outside a corporate network.

Get DNS information with fierce

To run the fierce tool on Linux, run the following command in your terminal, or click the Kali logo on the right side, then Information Gathering > DNS Analysis > fierce.

									fierce -h				


Subdomain DNS information

We can find subdomain DNS information using this tool by running the following command in the terminal.

									fierce --domain google.com --subdomains accounts admin ads				


Traverse with fierce

Traverse IPs near discovered domains to search for contiguous blocks with the --traverse flag:

									fierce --domain google.com --subdomains admin --traverse 10				


Attempt an HTTP connection

Attempt an HTTP connection on domains discovered with the --connect flag:

									fierce --domain google.com --subdomains mail --connect				


Exchange speed for breadth

Exchange speed for breadth with the --wide flag, which looks for nearby domains on all IPs of the /24 of a discovered domain:

									fierce --domain google.com --wide				


Zone transfers with fierce

Zone transfers are rare these days, but they give us the keys to the DNS castle. zonetransfer.me is a very useful service for testing for and learning about zone transfers.

									fierce --domain errorsfind.com				
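
To check the same thing from the defender's side, the following added example (not part of the original post, and using dig rather than fierce) classifies the result of an AXFR request against each name server of a zone you administer. The function names and the sample output are constructed for illustration, and dig is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit a zone you administer
# for open zone transfers. Assumes dig is installed.

# Classify the text of one `dig AXFR` run, read from stdin.
axfr_verdict() {
    out=$(cat)
    # A completed transfer ends with a ";; XFR size: N records ..." summary.
    if printf '%s\n' "$out" | grep -q '^;; XFR size: [0-9][0-9]* records'; then
        echo OPEN
    # dig prints "; Transfer failed." when the server rejects the request.
    elif printf '%s\n' "$out" | grep -q '^; Transfer failed\.'; then
        echo REFUSED
    else
        echo UNKNOWN    # timeout, unreachable server, or unexpected output
    fi
}

# Ask every authoritative server of the zone for a full transfer.
# Needs network access, so it is defined here but not called below.
audit_zone() {
    zone="$1"
    for ns in $(dig +short NS "$zone"); do
        verdict=$(dig +time=5 +tries=1 AXFR "$zone" "@$ns" 2>&1 | axfr_verdict)
        printf '%-30s %s\n' "$ns" "$verdict"
    done
}

# Constructed sample outputs (example.com and 192.0.2.x are placeholders).
SAMPLE_OPEN='example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
www.example.com. 300 IN A 192.0.2.10
example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
;; XFR size: 3 records (messages 1, bytes 212)'
SAMPLE_REFUSED='; Transfer failed.'

# Demonstrate the classifier on the constructed samples.
printf '%s\n' "$SAMPLE_OPEN" | axfr_verdict
printf '%s\n' "$SAMPLE_REFUSED" | axfr_verdict
```

A server that reports OPEN should have transfers restricted to its secondaries, for example with an allow-transfer ACL in BIND.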

Internal networks

Internal networks will often have large blocks of contiguous IP space assigned. We can scan those as well:

									fierce --dns-servers 10.0.0.1 --range 10.0.0.0/24				

I hope you now know how much information you can gather using the fierce tool. Please share this post with your friends. If in doubt, let me know in the comments.
