edgedns - A high performance DNS cache designed for Content Delivery Networks

  •        26

A high performance DNS cache designed for Content Delivery Networks, with built-in security mechanisms to protect origins, clients and itself. On Linux, you may use that sample systemd service to start it.

https://github.com/jedisct1/edgedns

Tags
Implementation
License
Platform

   




Related Projects

sites-using-cloudflare - :broken_heart: Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement

  •    

This is an (archived) list of sites on Cloudflare DNS at the time of the CloudBleed HTTPS traffic leak announcement. Original vuln thread by Google Project Zero.This list is archived and no longer under active maintenance. It may contain stale or inaccurate data that will not be corrected. Do not link to it from press releases, it is not intended for end-users. If people want to find it, they can Google it.

SimpleDnsCrypt - A simple management tool for dnscrypt-proxy

  •    CSharp

Simple DNSCrypt is a simple management tool to configure dnscrypt-proxy on windows based systems.If you are looking for an only command line tool, you can use the dnscrypt-proxy software. There are pre-compiled versions for any os. The dnscrypt-proxy software is written and maintained by Frank Denis (@jedisct1).

trust-dns - A Rust based DNS client, server, and resolver

  •    Rust

A Rust based DNS client and server, built to be safe and secure from the ground up. Using the ClientFuture is safe. ClientFuture is a brand new rewrite of the old Client. It has all the same features as the old Client, but is written with the wonderful futures-rs library. Please send feedback! It currently does not cache responses, if this is a feature you'd like earlier rather than later, post a request. The validation of DNSSec is complete including NSEC. As of now NSEC3 is broken, and I may never plan to support it. I have some alternative ideas for private data in the zone. The old Client has been deprecated, so please use the ClientFuture. If this is an inconvenience, I may add a convenience wrapper around ClientFuture that would match the old Client; if this is something you would like to see, please file an issue.

dnsjava - DNS implementation in Java

  •    Java

dnsjava is an implementation of DNS in Java. It supports all defined record types (including the DNSSEC types), and unknown types. It can be used for queries, zone transfers, and dynamic updates. A cache is used to reduce the number of DNS queries sent. A simple tool for doing DNS lookups, a 'dig' clone and a dynamic update client are included, as well as a simple authoritative-only server.


Kong - The Microservice API Gateway

  •    Lua

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.

dns-rebind-toolkit - A front-end JavaScript toolkit for creating DNS rebinding attacks.

  •    Javascript

DISCLAIMER: This software is for educational purposes only. This software should not be used for illegal activity. The author is not responsible for its use. Don't be a dick. DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network (LAN). It can be used to target devices like Google Home, Roku, Sonos WiFi speakers, WiFi routers, "smart" thermostats, and other IoT devices. With this toolkit, a remote attacker can bypass a router's firewall and directly interact with devices on the victim's home network, exfiltrating private information and in some cases, even controlling the vulnerable devices themselves.

containerdns - a full cache DNS for kubernetes

  •    C

ContainerDNS is used as internal DNS server for k8s cluster, and use DNS library : https://github.com/miekg/dns. containerdns-kubeapi will monitor the services in k8s cluster,when the service is created and has been assigned with external ips, the user(docker)in cluster can access the service with the domain. When the domain has multiple ips, the containerdns will choose one actived for the user randomly, it seems like a load balancer. Also the containerdns offer "session persistence", that means we query one domain from one user ip, then the user access the domain later, the user will get the same service ip.

rubydns - RubyDNS provides a simple Ruby DSL for DNS servers.

  •    Ruby

RubyDNS is a high-performance DNS server which can be easily integrated into other projects or used as a stand-alone daemon. By default it uses rule-based pattern matching. Results can be hard-coded, computed, fetched from a remote DNS server or fetched from a local cache, depending on requirements. There are lots of examples available in the examples/ directory.

Coral CDN- Content Distribution Network

  •    C++

Coral is a peer-to-peer content distribution network. Sites that run Coral automatically replicate content. Using modern peer-to-peer indexing techniques, CoralCDN will efficiently find a cached object if it exists anywhere in the network.

docker-onion-nmap - Scan

  •    Shell

Use nmap to scan hidden "onion" services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. dnsmasq is configured to with this localhost:9053 as an authority DNS server. Proxychains is configured to proxy DNS through the local resolver, so all DNS requests will go through Tor and applications can resolve .onion addresses. When the container boots, it launches Tor and dnsmasq as daemons. The tor_wait script then waits for the Tor SOCKS proxy to be up before executing your command.

NSD - NLnet Labs Name Server Daemon (NSD) is an authoritative DNS name server

  •    C

The NLnet Labs Name Server Daemon (NSD) is an authoritative DNS name server. It has been developed for operations in environments where speed, reliability, stability and security are of high importance.

AiEngine - Packet Inspection Engine

  •    C++

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. AIEngine helps network/security profesionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on or use them on the engine automatically.

pfSense - Firewall and Routing platform

  •    PHP

pfSense is a powerful, flexible firewalling and routing platform. It includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a stateful firewall, by default all rules are stateful. A Dynamic DNS client is included to allow you to register your public IP with a number of dynamic DNS service providers.

java-dns-cache-manipulator - :earth_americas: A simple 0-dependency thread-safe java lib/tool for setting dns programmatically without touching host file, make unit/integration test portable

  •    Java

:earth_americas: A simple 0-dependency thread-safe java lib/tool for setting dns programmatically without touching host file, make unit/integration test portable.

nginxconfig.io - ⚙️ NGiИX config generator on steroids 💉

  •    HTML

NGINX is so much more than just a webserver. You already knew that, probably. A lot of features with corresponding configuration directives. You can deep dive into the NGINX documentation right now OR you can use this tool to check how NGINX works, observe how your inputs are affecting the output, generate the best config for your specific use-case (and in parallel you can still use the docs).

Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning

  •    Python

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.

domain_analyzer - Analyze the security of any domain by finding all the information possible

  •    Python

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresses, mails on Google, SPF information, etc. After all the information is stored and organized it scans the ports of every IP found using nmap and perform several other security checks. After the ports are found, it uses the tool crawler.py from @verovaleros, to spider the complete web page of all the web ports found. This tool has the option to download files and find open folders.