A(nother) continuously updated historical TLD records archive.
This repository is updated approximately every three hours with the results from DNS zone transfer attempts against the root nameservers and all existing TLD servers. This is done to keep record of zone files for various TLDs and to monitor how these zones change over time.
The current list of zones is available here. You can watch that file for changes in case another .kp DNS leak occurs (or similar).
Allowing global zone transfers is sometimes considered a security vulnerability due to this functionality giving attackers the ability to easily enumerate all DNS zone data for a specific domain. This is seen as an issue for system administrators who want to make enumerating sub-domains and other DNS data "hard" for malicious actors (read: forcing them to open OWASP/amass).
However, when it comes to TLDs and the root nameservers, zone transfers are shown in a different light. Zone transfers at this level can be beneficial as they are an easy way for a TLD to be transparent about its DNS changes. This project is not meant to encourage TLD DNS hosting providers to disable global zone transfers but rather to gather data on the ever-changing zone information for the Internet's TLDs.
This is a fork of mandatoryprogrammer/TLDR, which has been only slightly modified to:
- Show the current state of all available records in the archives directly, by omitting records (or even TLDs) which don't currently permit AXFRs (or have network errors, etc.).
- Run on Python3 instead of Python2.
TLDR itself was initially inspired by pzb/TLDs.