Enumeration - DNS

whois $URL

nslookup $URL

host $URL
host -t A $URL
host -t MX $URL
host -t TXT $URL
host -t CNAME $URL

host -l $URL ns1.$URL

dnsrecon -n $IP -d $URL

dnsrecon -n $IP -d $URL -t axfr

SUB=/usr/share/wordlists/seclists/Discovery/DNS/bitquark-subdomains-top100000.txt
dnsrecon -d $URL -n $IP -D $SUB -t brt

dig axfr @1.1.1.1 example.com

dig @10.0.2.5 chaos version.bind txt 
dig @10.0.2.5 chaos hostname.bind txt 
dig @10.0.2.5 chaos authors.bind txt 
dig @10.0.2.5 chaos ID.server txt

dnsenum $URL
dnsenum --dnsserver 1.1.1.1 $URL

SUB=/usr/share/wordlists/seclists/Discovery/DNS/bitquark-subdomains-top100000.txt
dnsenum --dnsserver $IP -f $SUB $URL