Hi!
Yeah, as you are looking for the contents of a bettercap module (dns.spoof) the command should be run inside bettercap. Can you try to set dns.spoof.address to kali’s ip? then run the attack again.

Let me know how it goes!
Diego