The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Python DNS Projects
-
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Project mention: Show HN: WireHub – easily create and share WireGuard networks | news.ycombinator.com | 2023-11-05
-
-
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
A reminder that if you an internal-only server where the typical http-01' verification connection method will not work, especially if you cannot easily/dynamically update DNS records, one can use dns-01* by using DNS aliasing/CNAME:
* https://dan.langille.org/2019/02/01/acme-domain-alias-mode/
* https://www.eff.org/deeplinks/2018/02/technical-deep-dive-se...
So if you want a cert for www.internal.example.com, you will first have do a one-time change to have a _acme-challenge.www.internal… CNAME created to point to any other (sub-)domain where you can easily update things dynamically, e.g., www-internal.example-dnsapi.com.
When request the cert for "www.internal…", LE/ACME will look up the corresponding _acme-challenge record, and go to "_acme-challenge.www-internal.example-dnsapi.com. The nonce token will be there in the 'final' destination following the CNAME in a TXT, which shows LE/ACME that you control the DNS chain.
To do the DNS updating, you can use a CLI/Python library like Lexicon, which supports dozens of APIs:
-
-
Block the google, cloudflare ones - will cover most situations. Or white-list egress IPs for your unknown devices if you have to use them. Or setup a transparent proxy and inspect the content there and deny DNS. There ARE ways but yes things get a bit more complex. Most firewalls will be happy to index a long list of IPs as a set and perform well checking if src/dst ip matches. So you can use sites like https://github.com/dnscrypt/dnscrypt-resolvers to extract the list of IPs and update the set.
-
-
-
-
-
-
dnsrobocert
Orchestrate Certbot and Lexicon together to provide Let's Encrypt TLS certificates validated by DNS challenges
-
toriptables2
Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the Tor network.
-
-
Project mention: Secondary authoritative DNS service providers compared (2020) | news.ycombinator.com | 2024-04-08
NB. I do not know the number of POP for deSEC but it is certainly more than 1.
-
docker-traefik-cloudflare-companion
Automatically Create CNAME records for containers served by Traefik
-
In the last installment we looked at IP headers. One thing you might have seen missing is the port numbers. That's pretty important for making an internet connection. Well it turns out that IP tends to encapsulate other protocols (which is why it has protocol as part of the header). In this article we'll be looking at two popular protocols for internet traffic: TCP and UDP. Before we begin though install scapy which we'll be using to make things easier, and dnslib that will be used during the UDP section:
-
-
I don’t want to take away your spotlight, because it’s a nice project you launched even though I personally am allergic to small services that makes me log in, so I do want to point out to people that https://github.com/domainaware/checkdmarc exists for quite a while. I use it a lot manually and have also integrated it in various automated tooling.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python DNS related posts
- Secondary authoritative DNS service providers compared (2020)
- Show HN: DMARC Checker
- Ask HN: For what purposes do you use a Raspberry Pi?
- Using DuckDNS with custom domain
- DuckDNS is down again, seeking alternatives for multiple domains
- PowerDNS Admin Project Update
- PowerDNS Admin Project Update
-
A note from our sponsor - WorkOS
workos.com | 17 Apr 2024
Index
What are some of the best open-source DNS projects in Python? This list will help you:
Project | Stars | |
---|---|---|
1 | Twisted | 5,411 |
2 | dnstwist | 4,508 |
3 | octoDNS | 2,960 |
4 | dnspython | 2,333 |
5 | PowerDNS-Admin | 2,312 |
6 | noisy | 1,618 |
7 | fierce | 1,499 |
8 | lexicon | 1,433 |
9 | Sooty | 1,280 |
10 | dnscrypt-resolvers | 1,117 |
11 | nsupdate.info | 1,003 |
12 | python-email-validator | 998 |
13 | FreeIPA | 914 |
14 | dnsdiag | 898 |
15 | aiodnsbrute | 623 |
16 | dnsrobocert | 545 |
17 | toriptables2 | 449 |
18 | Ip-Attack | 390 |
19 | desec-stack | 335 |
20 | docker-traefik-cloudflare-companion | 327 |
21 | dnslib | 289 |
22 | polaris-gslb | 271 |
23 | checkdmarc | 229 |