A tool written in Perl to enumerate information on a domain. It uses the Net::DNS module.
The tool consists of 5 stages:

Lookup and return the nameservers of a domain
Try zonetransfers on these nameservers
Do a “bruteforce” style lookup on the domain with a dictionary
From 2) gather IP address information and return a list of class C networks
Do [...]

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig
to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to [...]

This PERL script, by Jimmy Neutron, is great for determining DNS names with Google. This tool, which is essential for network mapping, accepts two somewhat related words, and a domain name as arguments. The two words are sent through Google sets which expands the words into a list of related words. For example, “earth” and [...]

A tool written in Perl to enumerate information on a domain. It uses the Net::DNS module.
Things you can do with this program:
1. Finding interesting remote access servers (i.e.: https://extranet.targetdomain.com)
2. Finding badly configured and/or unpatched servers (i.e.: test.targetdomain.com)
3. Finding new domain names which will allow you to map non-obvious/hard-to-find netblocks
of your target organization (registry lookups - [...]