Historical DNS
- Module Name:
Historical_DNS - Description: Returns historical DNS data for a given domain.
- Author: Samuel Marques
- Version: 1.0.0
- Category: Discovery
Description
The Historical_DNS module analyzes historical DNS data to identify old records, infrastructure changes, and abandoned subdomains. It uses HackerTarget, ViewDNS, and SecurityTrails (optional) APIs to gather historical IP and DNS data, tracks domain-to-IP mappings over time, and detects reusable IPs that might be associated with past infrastructure, including potential cloud/CDN migrations or abandoned assets.
This module gathers information from ViewDNS, HackerTarget, SecurityTrails (when API key is provided), and crt.sh for historical DNS data and IP history.
Options
| Option | Description | Default | Required | Value Type |
|---|---|---|---|---|
TARGET |
The domain name to analyze | None | Yes | domain |
SECURITYTRAILS_API_KEY |
API Key for SecurityTrails | None | No | None |
Usage
keen > use historical_dns
keen(discovery/historical_dns) > set target <domain>
keen(discovery/historical_dns) > run