May 26, 2018
Network sniffer that logs DNS replies for use in passive DNS setups
A tool that collects DNS records passively to aid incident handling, Network Security Monitoring (NSM), and general digital forensics.
PassiveDNS sniffs traffic from an interface or reads a pcap file and writes the DNS server answers to a log file. It can cache and aggregate duplicate DNS answers in memory, limiting the amount of data in the log file without losing the essence of the DNS answer.
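The in-memory aggregation described above, sketched as an added example that is not PassiveDNS's own code: duplicate answers collapse into one row carrying first-seen, last-seen, largest TTL, and a hit count. The record layout, the names `Entry`, `AnswerCache` and `aggregate`, and the sample answers are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample DNS answers: (epoch seconds, query, type, answer, ttl).
SAMPLE_ANSWERS = [
    (1527300000, "www.example.com.", "A", "192.0.2.10", 300),
    (1527300005, "www.example.com.", "A", "192.0.2.10", 295),
    (1527300060, "WWW.Example.com.", "A", "192.0.2.10", 300),
    (1527300090, "www.example.com.", "A", "198.51.100.7", 60),
    (1527300120, "mail.example.com.", "MX", "mx1.example.com.", 3600),
]

@dataclass
class Entry:
    first_seen: int
    last_seen: int
    max_ttl: int
    count: int = 1

class AnswerCache:
    """Hypothetical in-memory aggregator (assumed design, not the tool's own)."""
    def __init__(self):
        self.entries = {}

    def observe(self, ts, query, rtype, answer, ttl):
        # DNS names are case-insensitive: fold the query so mixed-case
        # lookups of the same name do not create duplicate keys.
        key = (query.lower(), rtype.upper(), answer)
        entry = self.entries.get(key)
        if entry is None:
            self.entries[key] = Entry(ts, ts, ttl)
        else:
            entry.first_seen = min(entry.first_seen, ts)
            entry.last_seen = max(entry.last_seen, ts)
            entry.max_ttl = max(entry.max_ttl, ttl)
            entry.count += 1

    def flush(self, now, idle=0):
        """Emit and drop one row per unique answer idle for >= `idle` seconds."""
        rows = []
        for key, e in sorted(self.entries.items(), key=lambda kv: kv[1].first_seen):
            if now - e.last_seen >= idle:
                rows.append((e.first_seen, e.last_seen, *key, e.max_ttl, e.count))
                del self.entries[key]
        return rows

def aggregate(answers, now, idle=0):
    cache = AnswerCache()
    for record in answers:
        cache.observe(*record)
    return cache.flush(now, idle)
```

Five observed answers become three log rows; a changed answer for the same name (here the second A record) stays a separate row, which is the part an analyst pivots on.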