Did you know your DNS security could accidentally leak your entire subdomain structure? Enter DNSSEC with NSEC/NSEC3 records: DNSSEC is great for ensuring integrity and authentication, but these records can also be a sneaky way for attackers to ‘zone walk’ and enumerate your domains...

Darrell Hall breaks it down in our latest blog post: https://www.pentestpartners.com/security-blog/dnssec-nsec-the-accidental-treasure-map-to-your-subdomains/

What's covered:
• How NSEC/NSEC3 can inadvertently expose DNS data
• The difference between zone transfers and zone walking
• How to crack NSEC3 records (and why you should care)
• Real-world examples and mitigation strategies

#DNSSEC #CyberSecurity #Infosec #DNS #NSEC #NSEC3 #ZoneWalking #ThreatIntel

DNSSEC NSEC. The accidental treasure map to your subdomains | Pen Test Partners

TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, making enumeration harder, but attackers can still crack weak configurations. Zone walking allows attackers to extract valid domains even when zone transfers (AXFR) are blocked.