dns-security

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.

• Updated
• PHP

a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain

• Updated
• Python

Advanced kernel-native security framework to disrupt and prevent DNS-based breaches including C2 channels and tunneling with zero data loss. Combines TC, Netfilter, raw socket interception, BPF maps, and ring buffers, runs entirely on eBPF in the Linux kernel. Integrates with deep learning for advanced intelligent EDR

• Updated
• Go

Command-line tool to detect email spoofing vulnerabilities by analyzing SPF and DMARC DNS records. Supports single and bulk domain checks with multiple output formats.

• Updated
• Go

Open-source DNS & email security scanner. One MCP endpoint, 57 checks, zero install. Cloudflare Workers.

• Updated
• TypeScript

Configuration of filtering caching DNS server with DoH/DoH3/DoT/DoQ interfaces and second level cache. Ready for Prometheus, Loki, Promtail, Grafana.

• Updated
• Shell

Multi-layer OPSEC failure analysis framework - Research-grade threat modeling and signal correlation

• Updated
• Python

A lightweight tool written in Go to monitor and detect potential DNS exfiltration attempts in real-time. Designed for network security analysis.

• Updated
• Go

Deterministic DNS TXT tunnel detection. Composite anomaly scoring over PCAP and Zeek logs — every score is a decomposable function of six inspectable features. No ML. No black boxes. It computes. It explains.

• Updated
• Rust

Bulk domain email security lockdown tool that prevents email phishing and spoofing attacks by automatically configuring SPF hard fail, null MX records, and DMARC rejection policies on unused Cloudflare-managed domains.

• Updated
• Shell

Zero-Trust DNS platform with a WFP kernel driver, SHA3-512 integrity enforcement, and ISO 27001 A.8.28 compliant Rust implementation.

• Updated
• Rust

An advanced, security-focused network traffic analysis tool designed for system administrators, cybersecurity professionals, and network engineers. The xsukax PCAP Analyzer provides comprehensive insights into network behavior while maintaining strong privacy protections and offering advanced threat detection capabilities.

• Updated
• Python

Multi-layer real-time MITM protection for Linux — blocks ARP poisoning, DNS spoofing, rogue DHCP offers, rogue access points, SSL strip, broadcast poisoning (LLMNR, mDNS, NBNS, WS-Discovery), ICMP redirect exploits, HTTPS to HTTP downgrade attacks

• Updated
• Python

Forensic triage of DNS cache poisoning in legacy hardware. Includes PCAP analysis of 839-byte unsolicited record injections, CVE-2025-40778 mapping, and remediation via hardened Unbound (DoT) on Arch Linux.

• Updated
• Shell

Hardened Ubuntu 25.10 - NextDNS DoH

• Updated
• Shell

Secure your online experience with AdGuard Home, your ultimate solution for a clean and safe browsing environment.

• Updated

Setting up DNS SEC Through Local Resolution Using Docker Containers - An Analysis

• Updated
• Dockerfile

CarbolicAcid is a high‑performance CoreDNS security plugin for filtering poisoned DNS responses at the IP layer.

• Updated
• Go

Refuser is a CoreDNS plugin that actively blocks DNS queries matching entries in external rule files. It supports periodic hot‑reload, allowing rule updates to take effect without restarting CoreDNS.

• Updated
• Go

DNSSEC chain-of-trust validator in Python. Verifies DS, DNSKEY and RRSIG records from the root trust anchor to a target domain.

• Updated
• Python