Skip to main content
Glama
operantlabs

operant-mcp

Official
by operantlabs
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Local

recon_dns

Perform DNS enumeration to discover A, AAAA, MX, TXT, NS, CNAME records, test for zone transfers, and identify BIND versions for security testing and network reconnaissance.

Instructions

Full DNS enumeration: A, AAAA, MX, TXT, NS, CNAME, AXFR, BIND version. Returns records object, axfr_result, and bind_version. Read-only DNS queries.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
targetYesTarget domain, e.g. example.com

Implementation Reference

  • src/tools/recon.ts:79-126 (handler)
    The "recon_dns" tool is registered and implemented in src/tools/recon.ts. It performs DNS enumeration using 'dig' for common record types and attempts zone transfers and BIND version disclosure.
    server.tool(
  "recon_dns",
  "Full DNS enumeration: A, AAAA, MX, TXT, NS, CNAME, AXFR, BIND version. Returns records object, axfr_result, and bind_version. Read-only DNS queries.",
  {
    target: z.string().describe("Target domain, e.g. example.com"),
  },
  async ({ target }) => {
    requireTool("dig");

    const recordTypes = ["A", "AAAA", "MX", "TXT", "NS", "CNAME", "SOA"];
    const records: Record<string, string[]> = {};
    for (const rtype of recordTypes) {
      const res = await runCmd("dig", ["+short", rtype, target]);
      records[rtype] = parseLines(res.stdout);
    }

    // Zone transfer attempt
    const nsServers = records["NS"] ?? [];
    let axfrResult = "";
    for (const ns of nsServers.slice(0, 3)) {
      const nsClean = ns.replace(/\.$/, "");
      const axfr = await runCmd("dig", ["AXFR", target, `@${nsClean}`], { timeout: 15 });
      if (axfr.success && axfr.stdout.length > 100) {
        axfrResult = axfr.stdout.slice(0, 3000);
        break;
      }
    }

    // BIND version disclosure
    let bindVersion = "";
    for (const ns of nsServers.slice(0, 2)) {
      const nsClean = ns.replace(/\.$/, "");
      const bv = await runCmd("dig", ["version.bind", "CHAOS", "TXT", `@${nsClean}`], { timeout: 10 });
      if (bv.success && bv.stdout.toLowerCase().includes("version")) {
        bindVersion = bv.stdout.slice(0, 500);
        break;
      }
    }

    const result = {
      records,
      axfr_result: axfrResult || "Zone transfer denied or no NS servers found.",
      bind_version: bindVersion || "Not disclosed.",
    };

    return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
  }
);
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/operantlabs/operant-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server