Skip to main content

Dumping DNS Records with adidnsdump

Active Directory Integrated DNS Dump (adidnsdump)

GitHub Repository


python3 -m pip install git+

Usage Examples

Requires a username and password to work. Outputs to records.csv .

# Show help message
adidnsdump -h

# Dump all records from the domain controller
# Requires a credential, may be a low-level user if default domain settings
adidnsdump -u 'domain.tld\username' -p 'password' -r ldap://dc-ip:389

# Post-compromise through a proxy host
proxychains -q adidnsdump -u 'domain.tld\username' -p 'password' -r --dns-tcp ldap://dc-ip:389