Privacy controls
CyberFurl can load analytics only after you opt in. Core product features work without analytics consent.
Detect DNS leaks that expose your domain queries to unauthorized resolvers. Ensure DNS requests stay within expected infrastructure and don't leak to third parties.
A DNS leak occurs when DNS queries are sent to resolvers outside your intended DNS infrastructure, such as your ISP's default resolver instead of your organization's or VPN's DNS servers. This can happen due to misconfigured network settings, VPN tunnel failures, split-tunnel misconfigurations, or operating system quirks. DNS leaks expose which domains you visit to unauthorized parties, compromise privacy, and can reveal internal infrastructure details. For organizations, DNS leaks may indicate that employees' DNS traffic bypasses security controls like DNS filtering and threat intelligence.
DNS leaks expose browsing history and domain access patterns to unauthorized resolvers. For businesses, this means sensitive domain lookups may bypass security controls, leak to competitors' infrastructure, or reveal internal architecture.
Not testing for DNS leaks after VPN configuration changes, assuming VPNs automatically protect all DNS traffic, not checking IPv6 DNS paths (which often bypass IPv4 VPN tunnels), and not monitoring endpoint DNS settings in BYOD environments.
Type the domain to test for DNS leaks.
We query multiple DNS resolvers and locations.
We compare which resolvers answered and what they returned.
Unexpected resolver responses indicate a potential DNS leak.
Identifies which resolvers are handling your DNS queries. If queries resolve through unexpected resolvers (like an ISP instead of your configured DNS), a leak is present.
Checks whether DNS queries are being handled by resolvers in unexpected geographic locations. Location mismatches can indicate traffic routing around security controls.
Many DNS leaks occur over IPv6 paths that bypass IPv4-only VPN tunnels. We check both IPv4 and IPv6 DNS paths to ensure comprehensive leak detection.
Detects whether split-tunnel configurations are leaking internal DNS queries to public resolvers. Misconfigured split tunnels are a common source of enterprise DNS leaks.
Specifically tests whether DNS queries bypass VPN tunnels. If queries resolve through your ISP while a VPN is active, your VPN is leaking DNS traffic.
If a leak is detected, we provide specific recommendations to fix the issue — from VPN configuration changes to OS-level DNS settings and firewall rules.
Automate DNS leak testing across your infrastructure, monitor VPN tunnel integrity, detect split-tunnel misconfigurations, and get alerted when DNS traffic leaks.