# nslookup The nslookup command exists on both Windows and \*NIX, but is particularly important on Windows (where [[dig]] is not available). ```powershell # nslookup command syntax; only $DOMAIN is required # nslookup -type=$QUERY_TYPE $DOMAIN $NAME_SERVER # Examples # nslookup -type=A microsoft.com 8.8.8.8 nslookup tryhackme.com 1.1.1.1 nslookup -type=MX google.com ``` On Windows, the nslookup.exe binary also provides a nice shell if run without any arguments. From here, a server to query can be specified (`server $IP_ADDRESS`), and then `ls -d $DOMAIN` will provide *all* records related to the specified `$DOMAIN` (including, it would seem, subdomain information!).