DNSWatch – DNS Traffic Sniffer And Analyzer

DNS Watch
DNS Watch

DNSWatch is a Python-based tool that allows you to sniff and analyze DNS (Domain Name System)  on your network.

It listens to DNS requests and responses and provides insights into the DNS activity.


  • Sniff and analyze requests and responses.
  • Display DNS requests with their corresponding source and destination IP addresses.
  • Optional verbose mode for detailed packet inspection.
  • Save the results to a specified output file.
  • Filter DNS traffic by specifying a target IP address.
  • Save DNS requests in a database for further analysis(optional)
  • Analyze DNS types (optional).
  • Support for DNS over HTTPS (DoH) (optional).

Also See: What is DNS Rebinding Attack?


  • Python 3.7+
  • scapy 2.4.5 or higher
  • colorama 0.4.4 or higher
DNS Watch Dashboard
DNS Watch Dashboard


Clone this repository:

git clone https://github.com/HalilDeniz/DNSWatch.git
Install the required dependencies:
pip install -r requirements.txt


  • python dnswatch.py -i <interface> [-v] [-o <output_file>] [-k <target_ip>] [–analyze-dns-types] [–doh]
  • -i, –interface: Specify the network interface (e.g., eth0).
  • -v, –verbose: Use this flag for more verbose output.
  • -o, –output: Specify the filename to save results.
  • -t, –target-ip: Specify a specific target IP address to monitor.
  • -adt, –analyze-dns-types: Analyze DNS types.
  • –doh: Use DNS over HTTPS (DoH) for resolving DNS requests.
  • -fd, –target-domains: Filter DNS requests by specified domains.
  • -d, –database: Enable database storage for DNS requests.
  • Press Ctrl+C to stop the sniffing process.


  • Sniff DNS traffic on interface “eth0”:
    python dnswatch.py -i eth0
  • Sniff DNS traffic on interface “eth0” and save the results to a file:
    python dnswatch.py -i eth0 -o dns_results.txt
  • Sniff DNS traffic on interface “eth0” and filter requests/responses involving a specific target IP:
    python dnswatch.py -i eth0 -t
  • Sniff DNS traffic on interface “eth0” and enable DNS type analysis:
    python dnswatch.py -i eth0 –analyze-dns-types
  • Sniff DNS traffic on interface “eth0” using DNS over HTTPS (DoH):
    python dnswatch.py -i eth0 –doh
  • Sniff DNS traffic on interface “wlan0” and Enable database storage
    python3 dnswatch.py -i wlan0 –database


DNSWatch is licensed under the MIT License. See the LICENSE file for details.


This tool is intended for educational and testing purposes only. It should not be used for any malicious activities.

Download DNS Watch

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Previous Article
Kali Linux 2023-3

Kali Linux 2023.3 Releases With Autopilot and Redesign

Next Article
TikTok Privacy Guidelines

How To Remove A Video Uploaded by Someone Else on TikTok

Related Posts