SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 DNS Open-Source Projects
-
awesome-selfhosted
A list of Free Software network services and web applications which can be hosted on your own servers
Project mention: Nearly half of Nvidia's revenue comes from four mystery whales each buying $3B+ | news.ycombinator.com | 2024-08-31Teams: several options
Office 365: several options
OneDrive: several options
Check out https://github.com/awesome-selfhosted/awesome-selfhosted
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
Project mention: pifi-openwrt-raspberry-pi VS Pi-hole - a user suggested alternative | libhunt.com/r/pifi-openwrt-raspberry-pi | 2024-09-09
PiFi includes network-wide ad and tracker blocking (alongside Wireguard/OpenVPN client support and NAS features)
-
nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal. (by ehang-io)
-
Nacos
an easy-to-use dynamic service discovery, configuration and service management platform for building cloud native applications.
Project mention: Nacos: Dynamic Naming and Configuration Service | news.ycombinator.com | 2024-04-07 -
Try AdGuardHome. https://github.com/AdguardTeam/AdGuardHome
I basically have all my devices use it when I am on my network, and when I am off my network, my Wireguard connection (or Tailscale depending...) uses my home DNS server.
-
Xray-core
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
Project mention: 17-Year-Old Student Exposes Germany's 'Secret' Pirate Site Blocklist | news.ycombinator.com | 2024-08-23> something standard and indistinguishable, like QUIC, DTLS or TLS1.3, for their transport layer.
Exactly this does exist, search for xray / xtls-reality.
A node pretends to be a valid web site, with a valid third-party TLS certificate (like a CDN node serving that website), until a correct secret key is presented, then it looks like regular TLS-encrypted web traffic.
E.g. https://github.com/XTLS/Xray-core — most documentation, sadly but expectedly, is in Chinese and Russian, because these folks seem to need this most.
-
Also, not all SOCKS5 servers support UDP associate. Dante, 3proxy and gost support it, but ssh -D doesn't.
-
Yes lots of folks[0]. At Cruise we made use of it to do split dns when were migrating from aws to gcp but dont know if it’s still used
[0] - https://github.com/coredns/coredns/blob/master/ADOPTERS.md
-
The Amass tool is a perfect fit for the sub-techniques in the Search Open Technical Databases category which is part of the reconnaissance phase from the matrix above.
-
Project mention: What to do with your DNS when ODoH's Trust-Me-Bruh Model doesn't work for you | dev.to | 2024-02-29
There is more than one way to do this but I have decided to use dnscrypt-proxy. We will not be using dnscrypt for the dnscrypt protocol though you could elect to use that as the underlying DNS protocol. dnscrypt-proxy lets's us use a SOCKS5 proxy through which the DNS queries will be sent. We will use a Tor SOCKS5 proxy here. You can choose which protocols should be enabled and which ones should be disabled. There are two points:
-
Project mention: Ask HN: How to find subdomains and paths for a website | news.ycombinator.com | 2024-06-01
Are you looking for something like Gobuster?
https://github.com/OJ/gobuster
-
Project mention: Portmaster is a privacy suite for your Windows and Linux desktop | news.ycombinator.com | 2024-02-06
-
-
smartdns
A local DNS server to obtain the fastest website IP for the best Internet experience, support DoT, DoH. 一个本地DNS服务器,获取最快的网站IP,获得最佳上网体验,支持DoH,DoT。
-
-
-
You could just get a wildcard certificate with lets encrypt, via a dns challenge.
E.g. lego supports many different dns providers
https://go-acme.github.io/lego/
And then internally inside of tailscale you could have your own dns server, which serves subdomains of your domain, and for all subdomains you can use the same wildcard certificate.
This also does not 'expose' your subdomains on Certificate Transparency logs
-
external-dns
Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
The second one is a combination of tools: External DNS, cert-manager, and NGINX ingress. Using these as a stack, you can quickly deploy an application, making it available through a DNS with a TLS without much effort via simple annotations. When I first discovered External DNS, I was amazed at its quality.
-
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
-
Project mention: Runs on your OpenWrt box: AdGuard Home is network-wide blocking ads and tracking | news.ycombinator.com | 2024-02-06
Hagezi blocklists are the current standard now: https://github.com/hagezi/dns-blocklists
You could go for one of the Lite blocklists for the network wide, family friendly (non-breaking) list.
-
Project mention: Malaysia started mandating ISPs to redirect DNS queries to local servers | news.ycombinator.com | 2024-09-06
Many VPN offer anonymized DNS too, and there is also Iodine ( https://github.com/yarrick/iodine ) etc.
I have doubts they will be able to cover all of IPv6, or be able to handle inspection of obfuscated encrypted traffic.
People will find a way through... even if it is a satellite. =3
-
Project mention: Release Radar · July 2024: Major updates from the open source community | dev.to | 2024-08-02
We had to feature doggo, Bluey is an Australian National icon 🐶, and I'm Aussie after all. That aside, Doggo is a modern command line DNS client written in Golang. It outputs information in a concise manner, and supports DoH, DoT, DoQ, and DNSCrypt. It's not just called doggo for the Bluey fans and dog lovers, (even though doggos are the best, sorry cat people), it's inspired by dog written in Rust. Doggo is written in Go, so dog + go = doggo! Congratulations on shipping—and writing—your first DNS client 🥳.
-
MyIP
The best IP Toolbox. Easy to check what's your IPs, IP geolocation, check for DNS leaks, examine WebRTC connections, speed test, ping test, MTR test, check website availability, whois search and more! || 🇨🇳 可能是最好用的IP工具箱。轻松检查你的 IP,IP 地理位置,检查DNS泄漏,检查 WebRTC 连接,速度测试,ping 测试,MTR测试,检查网站可用性,查询 Whois 信息等等。 (by jason5ng32)
Project mention: Show HN: I just made an All-In-One IP Toolbox form builder open-sourced | news.ycombinator.com | 2024-04-14
DNS discussion
DNS related posts
-
How to set up TCP/UDP transparent proxy with iptables
-
Using Cloudflare, query DNS resolution results from 120 countries and 330 cities
-
Ask HN: 1000+ Visitors, how to get more conversions on your SaaS?
-
Ask HN: What currently is the best, nerd-friendly, rootable Android phone?
-
Pifi-org/pifi-openwrt-raspberry-pi: Firmware Files for Raspberry Pi (PiFI)
-
passivedns alternatives - DNSWatch and dnsmonster
3 projects | 12 Sep 2024 -
pifi-openwrt-raspberry-pi VS Pi-hole - a user suggested alternative
2 projects | 9 Sep 2024 -
A note from our sponsor - SaaSHub
www.saashub.com | 4 Oct 2024
Index
What are some of the best open-source DNS projects? This list will help you:
Project | Stars | |
---|---|---|
1 | awesome-selfhosted | 197,129 |
2 | Pi-hole | 48,662 |
3 | nps | 30,445 |
4 | Nacos | 30,102 |
5 | AdGuardHome | 24,750 |
6 | Xray-core | 24,631 |
7 | gost | 15,817 |
8 | CoreDNS | 12,275 |
9 | amass | 11,882 |
10 | dnscrypt-proxy | 11,339 |
11 | gobuster | 9,626 |
12 | portmaster | 9,215 |
13 | docker-pi-hole | 8,393 |
14 | smartdns | 8,327 |
15 | sliver | 8,293 |
16 | dns | 7,992 |
17 | lego | 7,907 |
18 | external-dns | 7,612 |
19 | awesome-hacker-search-engines | 7,525 |
20 | dns-blocklists | 6,195 |
21 | iodine | 6,179 |
22 | dog | 6,109 |
23 | MyIP | 6,041 |