DNSQuerySniffer 2.00 Portable

DNSQuerySniffer Portable is a lightweight, passive network forensics, packet inspection, and DNS telemetry analyzer developed by NirSoft for network administrators, security researchers, and system engineers. It establishes a real-time, non-intrusive capture architecture that hooks into active network interfaces to dissect, log, and parse Domain Name System transactions across IPv4 and IPv6 topologies without installing drivers or altering host registry metrics.

Features:

• Multi-Engine Packet Interception Layer: Operates natively via Raw Sockets, WinPcap/NPcap drivers, or the Microsoft Network Monitor API, providing multiple interception paths to safely bypass local administrative security policies and capture both UDP and TCP port 53 traffic.
• Process-Level Source Attribution: Maps every captured DNS request directly to its initiating Process ID (PID), executable name, and full file path, allowing deployment teams to instantly isolate hidden telemetry channels, unwanted update agents, or malicious background callbacks.
• Granular Record Matrix & Filtering: Displays and filters a comprehensive range of structural record fields—including A, AAAA, MX, NS, PTR, SRV, and TXT—complete with microsecond duration tracking, response status indicators (such as NXDOMAIN or ServFail), and raw packet sizes.
• Flexible Forensic Reporting Engines: Supports zero-footprint exports of filtered datasets into structured CSV, XML, TXT, or styled HTML report layouts, streamlining automated processing via custom scripts or immediate distribution across security operations centers (SOC).

Download DNSQuerySniffer v2.00 Portable
Filespayout – 1.6 MB