whonow - A malicious DNS server for executing DNS Rebinding attacks on the fly.

whonow – A malicious DNS server for executing DNS Rebinding attacks on the fly.

Whonow DNS Server is A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves.

What’s great about dynamic DNS Rebinding rules is that you don’t have to spin up your own malicious DNS server to start exploiting the browser’s Same-origin policy. Instead, everyone can share the same public whonow server running on port 53 of rebind.network

Dependencies:
+ Node JS

whonow v1.1.2

Note: You should include UUIDs (e.g. a06a5856-1fff-4415-9aa2-823230b05826) as a subdomain in each DNS lookup to a whonow server. These have been omitted from examples in this README for brevity, but assume requests to *.rebind.network should be *.a06a5856-1fff-4415-9aa2-823230b05826.rebind.network. See the Gotchas section for more info as to why.

Use and Download:

Source: https://github.com/brannondorsey