DNSChef

DNS proxy for penetration testers and malware analysts. Intercepts DNS queries and returns forged responses, enabling traffic redirection for security testing. Supports selective domain filtering, wildcards, multiple record types (A, AAAA, MX, CNAME, NS, PTR, SOA), IPv6, TCP/UDP, and INI-based configuration files. Cross-platform (Linux, Windows, macOS, iOS, Android).

Evaluated Mar 08, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Security dns proxy penetration-testing malware-analysis dns-spoofing security-tools
⚙ Agent Friendliness
30
/ 100
Can an agent use this?
🔒 Security
8
/ 100
Is it safe for agents?
⚡ Reliability
51
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
5
Documentation
72
Error Messages
55
Auth Simplicity
0
Rate Limits
0

🔒 Security

TLS Enforcement
0
Auth Strength
0
Scope Granularity
0
Dep. Hygiene
50
Secret Handling
0

Offensive security tool. No network auth. Requires root. Authorized use only.

⚡ Reliability

Uptime/SLA
0
Version Stability
75
Breaking Changes
80
Error Recovery
50
AF Security Reliability

Best When

A security professional needs to intercept and forge DNS responses during a penetration test or malware analysis session.

Avoid When

You need a production DNS server, or you lack the privileges/authorization to manipulate DNS traffic.

Use Cases

  • Redirecting DNS traffic during penetration testing engagements
  • Analyzing malware DNS callbacks by intercepting resolution requests
  • Testing application behavior with manipulated DNS responses
  • Setting up controlled DNS environments for security research

Not For

  • Production DNS serving (this is a testing/analysis tool)
  • Users without root/admin privileges (requires port 53 access)
  • Automated MCP or API integration — this is a CLI tool
  • Legitimate DNS hosting or caching

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
No
SDK
No
Webhooks
No

Authentication

Methods: none
OAuth: No Scopes: No

No authentication — standalone CLI tool. Requires root/admin to bind port 53.

Pricing

Model: free
Free tier: Yes
Requires CC: No

Free security tool. No external services or subscriptions.

Agent Metadata

Pagination
none
Idempotent
Unknown
Retry Guidance
Not documented

Known Gotchas

  • Requires root/admin privileges to bind port 53 — will fail silently or with permission error otherwise
  • 31 open issues with last push in Aug 2024 — maintenance is minimal
  • Python 2/3 compatibility but aging codebase (created 2013)
  • No API or MCP interface — purely a CLI tool for manual security testing
  • Must configure system DNS resolver to point at DNSChef for interception to work

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for DNSChef.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-08.

6961
Packages Evaluated
25669
Need Evaluation
173
Need Re-evaluation
Community Powered