DNSAudit.io

DNSAudit.io is a free, web-based DNS security scanning and auditing tool that allows users to assess the external DNS exposure of any domain. The platform requires no sign-up and delivers results in under 30 seconds by running 40 or more automated security checks against a submitted domain name. The tool evaluates DNS configurations across three main categories: - Core DNS Configuration: Checks for correct setup of A, AAAA, MX, NS, SPF, DMARC, DKIM, CNAME, TXT records, and DNSSEC status. - Security and Exposure: Detects misconfigurations such as zone transfer exposure, wildcard DNS misconfiguration, open resolver detection, DNS rebinding risks, amplification vectors, and missing security headers in TXT records. - Attack Surface Insights: Identifies DNS signals that expand external attack surface, including AI infrastructure exposure patterns, IPs linked to botnets or malware, suspicious TXT record payloads, dangerous CDN configurations, cloud storage references, and passive DNS threat correlation. After scanning, users receive a graded security score (ranging from F to A+ along with a report detailing what is exposed and what should be remediated. The platform maintains public leaderboards showing recently scanned domains, top-scoring domains, and lowest-scoring domains. DNSAudit.io is designed for security practitioners, IT administrators, and anyone seeking to understand the DNS-level attack surface of a domain without requiring account creation or tooling setup.