PowerShell - CheckDNScavenging.ps1

Save the below as CheckDNScavenging.ps1, Prompts for DNS ServerName, Domain and Days to check scavenging, outputs to c:\temp\DNS_Records_Identified.csv

#set parameters

$dnsServer = Read-Host "Enter DNS ServerName to Check Scavenging"

$domain = Read-Host "Enter Domain Name"

$agetreshold = Read-Host "Enter Days to Check DNS Scavenging"

# calculate how many hours is the age which will be the threshold

$minimumTimeStamp = [int] (New-TimeSpan -Start $(Get-Date ("01/01/1601 00:00")) -End $((Get-Date).AddDays(-$agetreshold))).TotalHours

# get all records from the zone whose age is more than our threshold

$records = Get-WmiObject -ComputerName $dnsServer -Namespace "root\MicrosoftDNS" -Query "select * from MicrosoftDNS_AType where Containername='$domain' AND TimeStamp<$minimumTimeStamp AND TimeStamp<>0 "

# list the name and the calculated last update time stamp

$records | Select Ownername, @{n="timestamp";e={([datetime]"1.1.1601").AddHours($_.Timestamp)}} | Export-Csv c:\temp\DNS_Records_Identified.csv -NoTypeInformation