Top
JohnKlann / How to  / Basic Powershell DNS Enumeration Module

Basic Powershell DNS Enumeration Module

This one will allow you too enumerate dns and filter by exclusion or inclusion of different record types.

<# 
    .SYNOPSIS simplifies dns enum and record type filtering 
    .EXAMPLE Ex1: (use default zone and server, return all records found) .\Get-DNSEnum.ps1 or 
            Ex2: (specifiy zone and server, return all except SVR and NS Records) .\Get-DNSEnum.ps1 -Zone domain.local -dc DomainControllerName -Exlcude 'SVR','NS' 
    .DESCRIPTION Detailed Syntax: .\Get-DNSEnum.ps -[Zone|z] dnszone -[Domain|dc] dns or domaincontroller -[ExcludeList|e] 'record','type(s)','to','exclude' -[IncludeList|i] 'record','type(s)','to','include' 
    .NOTES Author: John Klann 
#>
[cmdletbinding()]
Param
(
    [Parameter(Mandatory=$False, HelpMessage='Dns Zone aka domain' )]
    [Alias('z')]
    [string]$Zone = 'default zone / domain',
    [Parameter(Mandatory=$False, HelpMessage='Domain Controller')]
    [Alias('dc')]
    [string]$Domain = 'default domain controller',
    [Parameter(Mandatory=$False, HelpMessage='Record Type Include list')]
    [Alias('i')]
    [string[]]$IncludeList,
    [Parameter(Mandatory=$False, HelpMessage='Record Type Exclude List')]
    [Alias('e')]
    [string[]]$ExcludeList
)

if ($ExcludeList.Count -gt 0)
{
    Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $Domain | Where-Object { $_.RecordType -notin $ExcludeList }
}
elseif ($IncludeList.Count -gt 0)
{
    Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $Domain | Where-Object { $_.RecordType -in $IncludeList }
}
else
{
    Get-DnsServerResourceRecord -ZoneName $Zone -ComputerName $Domain
}