Think you know the Linux dig command? Ever tried to do some simple network discovery with it? This script by Tommy Johnson does some nice condensed discovery. Just pass a domain as the argument.
./diggall.sh example.com
That is all!
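#!/bin/bash
#
# diggall.sh - condensed DNS overview of one domain, built on dig.
#
# Usage: ./diggall.sh example.com
#
# Prints the MX, A (apex, www, mail), SOA, NS and TXT answers returned by the
# default resolver. It then asks a nameserver of the parent zone for the
# delegation NS records and glue addresses, so the delegation can be compared
# with the NS set published in the zone itself.
#
# Limitation: the parent zone is derived from the second and third labels of
# the argument only, so names with more than three labels are truncated.

set -u

# Print a message on stderr and stop with a usage-style exit status.
die() {
  printf '%s\n' "$*" >&2
  exit 2
}

# Succeeds when $1 can be handed to dig as a name or as the host part of
# "@server". dig parses a leading '-' as an option, '+' as a query flag and
# '@' as a server, so a value starting with one of those (or containing
# whitespace) must never reach its command line as a name.
dig_safe_name() {
  [[ -n $1 && $1 != [-+@]* && ! $1 =~ [[:space:]] ]]
}

# Collapse whitespace-separated words from stdin onto one output line,
# always terminated by a newline (an empty input yields an empty line).
one_line() {
  awk '{ for (i = 1; i <= NF; i++) { printf "%s%s", sep, $i; sep = " " } }
       END { print "" }'
}

# From full dig output on stdin, print column 5 of the (up to) three lines
# that follow the "<$1> SECTION" header.
section_column5() {
  grep -A3 -- "$1 SECTION" | grep -v -- "$1" | awk '{ print $5 }'
}

domain=${1:-}
dig_safe_name "$domain" || die "Usage: ${0##*/} <domain>   (e.g. ${0##*/} example.com)"
command -v dig >/dev/null || die "dig not found in PATH"

echo "MX points to:"
dig MX "$domain" +short | sort -n
echo ""
echo "A points to:"
dig A "$domain" +short
echo ""
echo "www points to:"
dig A "www.${domain}" +short
echo ""
echo "mail points to:"
dig A "mail.${domain}" +short
echo ""
echo "SOA Nameserver declared:"
dig SOA "$domain" +short | awk '{ print $1 }' | one_line
echo ""
#echo "oldmail points to:"
#dig A "oldmail.${domain}" +short

# Split the argument into labels; the parent zone is "label2.label3" with a
# trailing '.' (or ':') removed, e.g. example.com -> com, example.co.uk -> co.uk.
IFS=. read -r label1 label2 label3 _ <<<"$domain"
parent="${label2}.${label3}"
parent=${parent%[.:]}

# Find one nameserver of the parent zone, then ask that server for the parent
# zone's NS set again and keep the first name it returns. These names come out
# of DNS responses, so they are checked before being used as "@server".
first_ns=""
parent_ns=""
if [[ -n $parent ]]; then
  first_ns=$(dig NS +short "$parent" | awk 'NF { print $1; exit }')
  first_ns=${first_ns%[.:]}
  if dig_safe_name "$first_ns"; then
    parent_ns=$(dig +short NS "$parent" "@${first_ns}" | awk 'NF { print $1; exit }')
    parent_ns=${parent_ns%[.:]}
  fi
fi
#echo "Authoritative nameserver for TLD is: $parent_ns"

# One query to the parent-zone server supplies both the delegation NS records
# (AUTHORITY section) and their glue addresses (ADDITIONAL section).
delegation=""
if dig_safe_name "$parent_ns"; then
  delegation=$(dig NS "${label1}.${parent}" "@${parent_ns}")
else
  printf 'warning: no nameserver found for parent zone "%s"; delegation data skipped\n' \
    "$parent" >&2
fi

echo "Name Servers as reported by registrar:"
section_column5 AUTHORITY <<<"$delegation" | one_line
echo "IPs declared by registrar:"
section_column5 ADDITIONAL <<<"$delegation" | one_line
echo ""
echo "Name Servers in zone file are:"
dig NS "$domain" +short
dig NS "$domain" | section_column5 ADDITIONAL
echo "txt record is:"
dig txt "$domain" +short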