Dnsrecon tool (DNS Zone transfer)

nslookup 10.10.10.13 will get domain name
dnsrecon -d megacorpone.com -t axfr for dnszone transfer
dnsrecon -d megacorpone.com -t axfr -n <server> can put ip address of machine
- dnsrecon -d megacorpone.com -t axfr -n 10.10.10.13
dnsrecon -d megacorpone.com -D ~/list.txt -t brt for bruteforce
edit /etc/hosts
- 10.10.10.13 cronos.htb admin.cronos.htb ns1.cronos.htb www.cronos.htb