SnitchDNS is a database driven DNS Server with a Web UI, written in Python, that makes DNS administration easier with all configuration changed applied instantly without restarting any system services.

Use cases include:

  • DNS Forwarding Server – Monitor all of the network’s requests via a Web UI.
  • Red Teams – Identify sandboxes, restrict access to known IP ranges, and monitor phishing domains. Also, integrate with SIEM solutions for better visibility of network activities.
  • DNS Tunnel – Log all DNS requests and egress data from restricted environments.
  • Let’s Encrypt – Make use of the DNS Challenge using the API or the CLI interface.
  • Canary Tokens – Get a notification every time a specific domain is resolved.

Some of its features include:

  • Web Interface
  • Support for MySQL/Postgres/SQLite
  • Catch-all Domains
  • Unmatched Record Forwarding
  • IP Restrictions
  • Notifications via E-mail, Web Push, Slack, and Teams
  • Multi-user, 2FA, and LDAP support
  • Database and CSV logging
  • API / Swagger 2.0
  • CLI Interface
  • Tags, Aliases, Import/Export

For more information about installing and using SnitchDNS, details about features and use cases, see the project page at

CHECK IT Health Check Service
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider
ASSURE Cyber Supplier - CAA