Monday, 24 September 2012

FakeDNS.rb

This weekend I made a simple "FakeDNS" to use in my malware lab environment. There are already a few scripts out there that do the same - but this didn't stop me from building my own, as the worst that would happen is that I would learn something new.
I found a great source (along with RFC 1035) at networksorcery.com which pretty much explains the DNS protocol. Using those resources along with Wireshark to see how a response is done made it easy to fake a DNS response.

This is what I ended up with when using dig, and it works pretty well as seen below.
Yet another tool in my toolbox, yay!
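
The following Ruby code is an added example, not the FakeDNS.rb script from this post (which is not reproduced on the page). It builds the kind of reply described above from an RFC 1035 query, answering every A/IN question with one lab address so that samples in an isolated analysis network resolve to a host you control. The names `question_end`, `build_fake_response`, `serve` and the sample query are assumptions made for the example.

```ruby
require 'socket'
require 'ipaddr'

# Return the offset just past the question section (QNAME + QTYPE + QCLASS).
def question_end(query)
  pos = 12 # the fixed DNS header is 12 bytes
  loop do
    len = query.getbyte(pos)
    raise ArgumentError, 'malformed name' if len.nil? || (len & 0xC0) != 0
    pos += 1 + len
    break if len.zero? # zero-length label terminates the name
  end
  raise ArgumentError, 'truncated question' if query.bytesize < pos + 4
  pos + 4
end

# Answer an A/IN question with answer_ip (IPv4 assumed); any other
# question type gets an empty NOERROR reply.
def build_fake_response(query, answer_ip, ttl = 60)
  query = query.b
  raise ArgumentError, 'short packet' if query.bytesize < 12
  id, flags, qdcount = query.unpack('nnn')
  raise ArgumentError, 'not a query' if (flags & 0x8000) != 0 || qdcount != 1
  question = query.byteslice(12, question_end(query) - 12)
  qtype, qclass = question.byteslice(-4, 4).unpack('nn')
  answer = ''.b
  if qtype == 1 && qclass == 1 # A / IN
    # 0xC00C is a compression pointer back to the QNAME at offset 12
    answer = [0xC00C, 1, 1, ttl, 4].pack('nnnNn') + IPAddr.new(answer_ip).hton
  end
  # QR=1, AA=1, RA=1, RCODE=0; the RD bit is copied from the query
  rflags = 0x8480 | (flags & 0x0100)
  [id, rflags, 1, answer.empty? ? 0 : 1, 0, 0].pack('n6') + question + answer
end

# Constructed sample: query for "example.test", type A, ID 0x1234, RD set
SAMPLE_QUERY = [0x1234, 0x0100, 1, 0, 0, 0].pack('n6') +
               "\x07example\x04test\x00".b + [1, 1].pack('nn')

# UDP loop for an isolated lab network; binding port 53 needs privileges.
def serve(bind_ip, answer_ip, port = 53)
  sock = UDPSocket.new
  sock.bind(bind_ip, port)
  loop do
    data, addr = sock.recvfrom(512)
    sock.send(build_fake_response(data, answer_ip), 0, addr[3], addr[1])
  rescue ArgumentError
    next # drop anything that is not a well-formed single-question query
  end
end
```

Calling `serve` with the lab interface address and the address to hand out starts the responder; `dig @<lab-ip> example.test` should then return that address.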

