dnxty is a lightweight, command‑line DNS TXT Record Extraction Utility designed for OSINT analysts, security researchers, and beginners alike. It performs DNS lookups on domains and extracts key/value pairs from TXT records (commonly used for domain verification), with options for simplified output, colorized output, multiple formats, and advanced filtering.
- DNS TXT Record Lookup: Query domains for TXT records using Go’s native DNS libraries.
- Key/Value Extraction: Automatically extract common verification strings (e.g.
google-site-verification) into user‑friendly keys (e.g.google). - Simplified Mode: Use the
--simpleflag to output only the domain and a deduplicated, simplified key. - Multiple Output Formats: Print results as a pretty table, JSON, YAML, or CSV.
- Color & Syntax Highlighting: Enjoy vibrant, color‑coded output by default (with the option to disable via
--no-color). - Advanced Filtering: Skip SPF records by default (unless overridden with
--include-spf) and choose to output all TXT records if desired. - OSINT & Automation Friendly: Easily combine with other Linux command‑line utilities for advanced filtering and analysis.
You can easily install dnxty using the go install command. Make sure you have Go installed (tested on Go version go1.23.3 linux/amd64). Run the following command to install the latest tagged version:
go install github.com/rainmana/dnxty@latestEnsure that your $GOPATH/bin (typically ~/go/bin) is in your system's PATH so that you can run dnxty from anywhere. For example, add the following line to your shell profile (e.g., ~/.bashrc or ~/.zshrc):
export PATH=$PATH:$(go env GOPATH)/binIf you’d like to build from source or contribute to dnxty, follow these steps:
-
Clone the Repository:
git clone https://github.com/rainmana/dnxty.git cd dnxty -
Download Dependencies:
The dependencies are managed via Go modules. If needed, run:
go mod tidy
-
Compile the Binary:
To compile and produce an executable named
dnxty, run:go build -o dnxty main.go
Note
On Windows, this will produce dnxty.exe
-
Making Changes:
- Edit the source code in your favorite editor.
- Test your changes locally by rebuilding the binary.
- Consider writing tests for new features.
- Commit your changes and open a pull request on GitHub if you’d like to contribute.
-
Tagging a Release:
For new releases, tag your commit with a semantic version. For example:
git tag v1.0.0 git push origin v1.0.0
Run dnxty with one or more domains as positional arguments, or provide a file of domains. Below are some examples:
./dnxty example.com./dnxty example.com alecakin.com./dnxty --file domains.txt./dnxty --file domains.txt --format json./dnxty --all example.com./dnxty --include-spf example.com./dnxty --simple example.com./dnxty --verbose --dns 8.8.8.8:53 example.comPipe the JSON output into jq for further filtering:
./dnxty --format json example.com | jq '.[].domain'Combine with grep and awk for custom filtering:
./dnxty example.com | grep example | awk '{print $1, $3}'- Domain Reconnaissance: Quickly retrieve and parse TXT records from multiple domains for potential indicators showing a domain's external services and providers in use.
- Verification Check: Identify and extract domain verification tokens for services like Google, Facebook, and HubSpot.
- Automation: Integrate dnxty into larger OSINT pipelines (e.g., combining with
curl,grep,jq, etc.) for automated monitoring and reconnaissance.
Here are some potential future enhancements that could make dnxty even more powerful:
- DNS over HTTPS (DoH) Support: Enable secure and privacy-focused DNS lookups using DoH.
- Real-Time Monitoring Mode: Add a watch mode that continuously monitors domains for TXT record changes.
- Subdomain Enumeration Integration: Automatically discover and analyze subdomains for comprehensive reconnaissance.
- Interactive CLI Mode: Develop an interactive interface to guide users through common OSINT tasks.
- Plugin System: Allow community-developed plugins for custom parsing, reporting, and integration with other tools.
- Enhanced Reporting: Generate detailed reports (in HTML, PDF, etc.) for sharing analysis results.
- Improved Error Handling & Logging: Offer verbose logging and error reporting options for troubleshooting and audit purposes.
- Code Style: The project is written in Go and attempts to follow standard Go conventions (this is my first, "real", Go project).
- Contributing: Feel free to open issues or pull requests if you have ideas for new features, bug fixes, or improvements.
- Testing: We welcome tests—if you add features, please include tests to help maintain the code quality.
- Release Automation Use
./release.shto performa automatic release tagging. Use with flag--majorto automatically increment a major version.
This project is licensed under the MIT License. See the LICENSE file for details.
Note
This project uses the gopkg.in/yaml.v2 package, which is licensed under the Apache License, Version 2.0. Please see the NOTICE file for additional attribution.
- Inspired by OSINT and security research tools I've relied on for years as a Security Engineer
- Thanks to the Go community for robust libraries like
net,flag, and third‑party packages for colorful CLI output.
Happy hunting! 🕵️♂️
— Rainmana —
- All opinions are my own and do not represent those of my employer.
- Any tools listed or linked here are for ethical, legal, authorized, and educational purposes only.