resolvalid
A fast, concurrent DNS server validator written in Go.
go install github.com/mmarting/resolvalid@latest
resolvalid takes a list of DNS servers (from a local file, a URL, stdin or a built-in public list) and tests each one concurrently to verify it resolves queries correctly. It establishes expected IPs using trusted public DNS servers (Cloudflare, Google), then marks servers as valid only if they return matching results. The output is a clean file with only valid, working DNS resolvers. Built to speed up recon automation pipelines where stale resolvers waste time.
How it works
- Baseline: Tests the domain against trusted public DNS servers (1.1.1.1, 8.8.8.8, 8.8.4.4) to establish expected IP addresses
- Test: Sends a DNS query to each server using a random or custom test domain via concurrent goroutines
- Validate: Marks servers as valid only if they return one of the expected IPs within the timeout and latency limits
- Output: Writes only valid, working DNS servers to the output file, one per line
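The baseline, test and validate steps above, sketched as an added Go example (not resolvalid's own code). The names `lookup`, `baseline` and `verdict` are hypothetical, and the answers used in `main` are constructed from documentation address ranges so it runs without network access.

```go
package main
import (
	"context"
	"fmt"
	"net"
	"time"
)

// lookup sends the query to one specific server and times the answer (live use).
func lookup(server, domain string, timeout time.Duration) ([]string, time.Duration, error) {
	dial := func(ctx context.Context, network, _ string) (net.Conn, error) {
		return (&net.Dialer{}).DialContext(ctx, network, net.JoinHostPort(server, "53"))
	}
	r := &net.Resolver{PreferGo: true, Dial: dial} // Dial is only used by Go's built-in resolver
	ctx, cancel := context.WithTimeout(context.Background(), timeout)
	defer cancel()
	start := time.Now()
	ips, err := r.LookupHost(ctx, domain)
	return ips, time.Since(start), err
}

// baseline builds the expected-IP set from the trusted resolvers' answers.
func baseline(trustedIPs ...string) map[string]bool {
	expected := map[string]bool{}
	for _, ip := range trustedIPs {
		expected[ip] = true
	}
	return expected
}

// verdict classifies one candidate; maxLatency == 0 disables the latency filter.
func verdict(expected map[string]bool, ips []string, latency, maxLatency time.Duration, err error) string {
	switch {
	case err != nil:
		return "error" // timeout, refused connection, lookup failure
	case maxLatency > 0 && latency > maxLatency:
		return "slow"
	}
	for _, ip := range ips {
		if expected[ip] {
			return "valid"
		}
	}
	return "mismatch" // answered, but with none of the expected IPs
}

func main() { // constructed answer from a documentation range; no network needed
	fmt.Println(verdict(baseline("192.0.2.10"), []string{"203.0.113.7"}, 40*time.Millisecond, 0, nil))
}
```

With this logic, a test domain served by geo-aware or load-balanced DNS can return different addresses per resolver, so a healthy server may be classed as a mismatch; a domain with stable records avoids that.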
Features
- Validates DNS servers from local file, URL, stdin, or built-in public list
- Concurrent goroutine-based validation for speed
- Verifies results against trusted DNS (Cloudflare, Google) to detect poisoned or censored responses
- Configurable timeout and max latency filtering
- Retry mechanism for failed DNS queries
- Custom test domain support
- Quiet mode for pipeline integration
- Clean output file with only working resolvers
Usage Examples
resolvalid -o valid_servers.txt
Use built-in public DNS list (no input file needed)
resolvalid -f dns_servers.txt -o valid_servers.txt
Validate a local file of DNS servers
resolvalid -u https://example.com/dns_list.txt -o valid_servers.txt -to 5s
Validate from a URL with custom timeout
cat dns_servers.txt | resolvalid -o valid_servers.txt
Piped input from stdin
resolvalid -f dns_servers.txt -o valid_servers.txt -ml 500ms -r 2
Latency filtering with retries
resolvalid -f dns_servers.txt -o valid_servers.txt -td mytestdomain.com -t 50 -q
Quiet mode, custom test domain, 50 threads
Options
| Flag | Description |
|---|---|
| -o, --output | Output file for valid DNS servers (required) |
| -f, --file | File containing the list of DNS servers (optional) |
| -u, --url | URL containing the file of DNS servers (default: public-dns.info) |
| -td, --test-domain | Domain used to test DNS servers (default: random) |
| -t, --threads | Number of concurrent threads (default: 20) |
| -to, --timeout | Timeout for DNS queries (default: 2s) |
| -ml, --max-latency | Maximum acceptable response time (disabled by default) |
| -r, --retries | Retries for failed DNS queries (default: 0) |
| -q, --quiet | Suppress output to the screen |
| -v, --version | Display version information |
| -h, --help | Display help information |