The Domain Name System is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.
SERVER {DNS Server}
{IP we want to check}
dig a domainname.com @nameserver
dig mx domainname.com @nameserver
root@Kali:~# dig ns zonetransfer.me
[snip]
;; ANSWER SECTION:
zonetransfer.me. 7186 IN NS nsztm2.digi.ninja.
zonetransfer.me. 7186 IN NS nsztm1.digi.ninja.
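The answer section above can also drive a defender's check. The following is an added example, not part of the original page: it parses `dig ns` output and compares the nameservers it finds with the set you expect for the zone. The function names, the sample variable and ns3.example.net are assumptions made for illustration.

```sh
#!/bin/sh
# Added example. Constructed sample: the answer section printed by the
# `dig ns zonetransfer.me` run on this page.
SAMPLE_DIG_OUTPUT=';; ANSWER SECTION:
zonetransfer.me. 7186 IN NS nsztm2.digi.ninja.
zonetransfer.me. 7186 IN NS nsztm1.digi.ninja.'

# normalize (hypothetical helper): lowercase, drop the trailing dot, sort,
# de-duplicate.
normalize() {
  tr '[:upper:]' '[:lower:]' | sed 's/\.$//' | sort -u
}

# parse_ns (hypothetical name): read dig output on stdin and print one NS
# target per line. Comment lines (';') and blank lines are skipped, and only
# records of class IN and type NS are kept.
parse_ns() {
  awk '/^;/ || NF == 0 { next }
       NF >= 5 && toupper($3) == "IN" && toupper($4) == "NS" { print $5 }' |
    normalize
}

# ns_drift (hypothetical name): compare the nameservers in dig output (stdin)
# with the expected ones (arguments). Prints UNEXPECTED/MISSING lines and
# returns 1 when the two sets differ, 0 when they match.
ns_drift() {
  drift_seen=$(parse_ns)
  drift_expected=$(printf '%s\n' "$@" | normalize)
  drift_report=$(
    printf '%s\n' "$drift_seen" | while IFS= read -r h; do
      [ -n "$h" ] || continue
      printf '%s\n' "$drift_expected" | grep -qxF -- "$h" || echo "UNEXPECTED $h"
    done
    printf '%s\n' "$drift_expected" | while IFS= read -r h; do
      [ -n "$h" ] || continue
      printf '%s\n' "$drift_seen" | grep -qxF -- "$h" || echo "MISSING $h"
    done
  )
  if [ -n "$drift_report" ]; then
    printf '%s\n' "$drift_report"
    return 1
  fi
  return 0
}
```

Against a live zone, pipe the real command in: dig ns {domain} | ns_drift {expected nameservers}.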
./dnsrecon.py -d {domain}
Link: https://github.com/darkoperator/dnsrecon
Reverse lookup:
./dnsrecon.py -r <startIP-endIP>
View all DNS records:
dig zonetransfer.me -t ANY
Using dig, first find the NS server: