Blockstack - Decentralized DNS for Blockchain Applications

  •        1786

Blockstack is decentralized DNS and identity. With the Blockstack software, a network of computers collectively maintain a global registry of names. When you run a Blockstack node, you join this network, which is more secure by design than traditional DNS systems and identity systems. This is because the system's registry and its records are secured by an underlying blockchain, which is extremely resilient against tampering and control.

https://blockstack.org/
https://github.com/blockstack/blockstack

Tags
Implementation
License
Platform

   




Related Projects

blockstack-core - The reference implementation of Blockstack

  •    Python

blockstack-core is the reference implementation of the Blockstack protocol.Blockstack is a new decentralized internet where you own your data and your apps run locally without remote servers.

blockstack-browser - The Blockstack Browser

  •    Javascript

The Blockstack Browser allows you to explore the Blockstack internet.Blockstack Browser requires a local instance of Blockstack Core to run. To get started, first install Blockstack Core and then proceed with the installation of Blockstack Browser.

tenta-dns - Recursive and authoritative DNS server in go, including DNSSEC and DNS-over-TLS

  •    Go

Tenta DNS provides a DNS server suite comprising an authoritative DNS server, recursive DNS server, and NSnitch, which provides a DNS server capable of recording the IP address of requests made against it and then makes that IP available via a JSON API. Tenta DNS also provides lookups for Tor Node membership, DNS blacklist status and Geo data. Finally, Tenta DNS includes built-in BGP integration, offering single engine convenience for DNS anycasting. We welcome people to use our hosted versions of recursive resolver and NSnitch. Please see Usage, for details on how to set Tenta DNS as your default DNS resolver, or APIs, for NSnitch REST API information. Just want to use our hosted recursive resolver? We offer two options, using either OpenNIC root servers or the normal ICANN root servers.

KadNode - P2P DNS with content key, crypto key and PKI support. DynDNS alternative.

  •    C

KadNode is a small and decentralized DNS resolver that can use existing public key infrastructures. It utilizes the BitTorrent P2P network and mbedtls for TLS/crypto support. KadNode can intercept .p2p domain queries on the systems level and resolve them using a decentralized DHT network. TLS authentication can be used to make sure the correct IP address was found. If successful, the IP address is passed to the application making the request.


whonow - A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind

  •    Javascript

A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves. What's great about dynamic DNS Rebinding rules is that you don't have to spin up your own malicious DNS server to start exploiting the browser's Same-origin policy. Instead, everyone can share the same public whonow server running on port 53 of rebind.network.

your-dns - A docker-compose file to provide a secure adblocking DNS server

  •    

NOTE: if you are interested in a hosted solution, please take a look at nextdns.io. I'm not affiliated with nextdns.io. NEW: Try using your-dns.run as a DNS-over-TLS server. You can use this domain with "Private DNS" feature in > Android 9 (Pie). This server is set up using the your-dns-run branch of this repo.

acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely

  •    Go

A simplified DNS server with a RESTful HTTP API to provide a simple way to automate ACME DNS challenges. Many DNS servers do not provide an API to enable automation for the ACME DNS challenges. Those which do, give the keys way too much power. Leaving the keys laying around your random boxes is too often a requirement to have a meaningful process automation.

trust-dns - A Rust based DNS client, server, and resolver

  •    Rust

A Rust based DNS client and server, built to be safe and secure from the ground up. Using the ClientFuture is safe. ClientFuture is a brand new rewrite of the old Client. It has all the same features as the old Client, but is written with the wonderful futures-rs library. Please send feedback! It currently does not cache responses, if this is a feature you'd like earlier rather than later, post a request. The validation of DNSSec is complete including NSEC. As of now NSEC3 is broken, and I may never plan to support it. I have some alternative ideas for private data in the zone. The old Client has been deprecated, so please use the ClientFuture. If this is an inconvenience, I may add a convenience wrapper around ClientFuture that would match the old Client; if this is something you would like to see, please file an issue.

external-dns - Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services

  •    Go

ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.Inspired by Kubernetes DNS, Kubernetes' cluster-internal DNS server, ExternalDNS makes Kubernetes resources discoverable via public DNS servers. Like KubeDNS, it retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. Unlike KubeDNS, however, it's not a DNS server itself, but merely configures other DNS providers accordingly—e.g. AWS Route 53 or Google CloudDNS.

Atomia DNS - DNS Management Software

  •    Perl

Atomia DNS is a multitenant system for handling large amounts of DNS data through programmatic interfaces. Atomia DNS also contains synchronization agents for making sure that this data hits all of your name servers. Agents for PowerDNS (which is our recommended, default DNS server option) and Bind-DLZ are included.

PowerDNS - DNS resolver

  •    C++

PowerDNS is a DNS server which helps to resolve the name server. It supports geographic load balancing and failover. It stores zone information to relational database and BIND style file.

getdns - A modern asynchronous DNS API

  •    C

getdns is an implementation of a modern asynchronous DNS API; the specification was originally edited by Paul Hoffman. It is intended to make all types of DNS information easily available to application developers and non-DNS experts.

sdns - A lightweight fast recursive dns server with dnssec support

  •    Go

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. Please make sure to update tests as appropriate.

dnsdiag - DNS Diagnostics and Performance Measurement Tools

  •    Python

Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to make sure your DNS is working as you expect. You can measure the response time of any given DNS server for arbitrary requests using dnsping. Just like traditional ping utility, it gives you similar functionality for DNS requests.

jitsu - A DNS server that automatically starts unikernels on demand

  •    OCaml

Jitsu is experimental software. See LICENSE for conditions. Jitsu is a forwarding DNS server that automatically boots unikernels on demand. When a DNS query is received, Jitsu first checks for a local unikernel that is mapped to the requested domain. If a unikernel is found, the unikernel is started and its IP is returned to the client. Otherwise, the request is forwarded to the next DNS server. If no DNS requests are received for the unikernel within a given timeout period it is automatically stopped.

NSD - NLnet Labs Name Server Daemon (NSD) is an authoritative DNS name server

  •    C

The NLnet Labs Name Server Daemon (NSD) is an authoritative DNS name server. It has been developed for operations in environments where speed, reliability, stability and security are of high importance.

Dual DHCP DNS Server

  •    C

DHCP plus DNS Server Open Source Freeware Windows/Linux. Works as DHCP or DNS Server or both. Using both services adds DHCP allotted hosts automatically to DNS Server. Support Relay Agent, PXEBOOT, BOOTP, Zone Trasfer, DHCP Range Filters. Download.

mitm6 - pwning IPv4 via IPv6

  •    Python

mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server. As DNS server, mitm6 will selectively reply to DNS queries of the attackers choosing and redirect the victims traffic to the attacker machine instead of the legitimate server. For a full explanation of the attack, see our blog about mitm6. Mitm6 is designed to work together with ntlmrelayx from impacket for WPAD spoofing and credential relaying. For python 2.7, it uses the ipaddress backport module. You can install the latest release from PyPI with pip install mitm6, or the latest version from source with python setup.py install after cloning this git repository.

FakeDns - A regular-expression based python MITM DNS server with support for DNS Rebinding attacks

  •    Python

The answer could be a ip address or string self, the self syntax sugar will be translated to your current machine's local ip address, such as 192.168.1.100. If a match is not made, the DNS server will attempt to resolve the request using whatever you have your DNS server set to on your local machine and will proxy the request to that server on behalf of the requesting user.