TLDR; D-Collector is a tool that fetches DNS records from various DNS management and cloud providers and normalize all records to a unified format.
Most of the enterprises nowadays are using multiple different cloud providers and DNS registrars. That creates a fertile ground for shadow IT to grow and makes it extremely hard for information security teams to map, manage and scan their attack surface.
The above led us to create D-Collector. Now, we can continuously scan our infrastructure for security vulnerabilities and drastically reduce the risk of shadow IT.
This tool has been created for IT and information security practitioners to easily automate their domains management and attack surface management.
- Provide D-Collector with your cloud providers API tokens/keys.
- D-Collector to fetch all DNS records from the given cloud providers.
- D-Collector to create a unified structured "domains.json" file with all the DNS records.
- Harness the magic for your needs.
- Copy 'config.py.example' to 'config.py'.
cp config.py.example config.py
- Fill the relevant variables (empty configs will be ignored).
- Define your company's known internal domain suffixes for the tool to classify as private.
E.g.,
.corp,.internal.
pip install d-collectorgit clone https://github.com/rotemreiss/D-Collector.git
cd D-Collector
pip install . dcollectorOutput Domains file will be in the following format (JSON):
[{"name": "domain name", "record_type": "DNS type (CNAME,A)", "record_value": "value (ip,ec2 domain name)", "is_private": "false/true"}]- Static domains from file
- AWS
- GCP
- Digital Ocean
- Prisma® Cloud (by Palo Alto Networks)
- Support for more cloud providers and DNS registrars.
Feel free to fork the repository and submit pull-requests.
