{"id":218,"date":"2014-07-02T23:17:57","date_gmt":"2014-07-02T23:17:57","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=218"},"modified":"2014-07-02T23:17:57","modified_gmt":"2014-07-02T23:17:57","slug":"theharvester-information-gathering","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=218","title":{"rendered":"theharvester &#8211; Information Gathering"},"content":{"rendered":"<p><strong>TheHarvester<\/strong> &#8211; this tools is intended to help Penetration testers in the early stages of the project It\u2019s a really simple tool, but very effective, this tool can gather information like user names, hostsname and domains from public or an organization.<br \/>\nThis is a complete rewrite of the tool with new features like:<\/p>\n<ul>\n<li>Time delays between request<\/li>\n<li>All sources search<\/li>\n<li>Virtual host verifier<\/li>\n<li>Active enumeration (DNS enumeration, Reverse lookups, TLD expansion)<\/li>\n<li>Integration with SHODAN computer database, to get the open ports and banners<\/li>\n<li>Save to XML and HTML<\/li>\n<li>Basic graph with stats<\/li>\n<li>New sources<\/li>\n<\/ul>\n<p><strong><br \/>\nFor Backtrack user:<\/strong><br \/>\n1. Open a terminal and run the following command.<br \/>\n<strong>\/pentest\/enumeration\/theharvester<\/strong><\/p>\n<pre>root@bt:\/# cd \/pentest\/enumeration\/theharvester\nroot@bt:\/pentest\/enumeration\/theharvester# .\/theHarvester.py -d pir8geek.com -l 100 -b all\n<\/pre>\n<p>Note drop the www. from the url your interested in, example http:\/\/www.pir8geek.com becomes pir8geek.com<br \/>\nUsage: theharvester options<br \/>\n-d: Domain to search or company name<br \/>\n-b: Data source (google,bing,bingapi,pgp,linkedin,google-profiles,exalead,all)<br \/>\n-s: Start in result number X (default 0)<br \/>\n-v: Verify host name via dns resolution and search for virtual hosts<br \/>\n-f: Save the results into an HTML and XML file<br \/>\n-n: Perform a DNS reverse query on all ranges discovered<br \/>\n-c: Perform a DNS brute force for the domain name<br \/>\n-t: Perform a DNS TLD expansion discovery<br \/>\n-e: Use this DNS server<br \/>\n-l: Limit the number of results to work with(bing goes from 50 to 50 results,<br \/>\n-h: use SHODAN database to query discovered hosts<br \/>\ngoogle 100 to 100, and pgp doesn\u2019t use this option)<br \/>\n<strong>Examples:.<\/strong><\/p>\n<pre>\/theHarvester.py -d pir8geek.com -l 500 -b google\n.\/theHarvester.py -d pir8geek.com -b pgp\n.\/theHarvester.py -d pir8geek.com -l 200 -b linkedin\n<\/pre>\n<p>Enjoy&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>TheHarvester &#8211; this tools is intended to help Penetration testers in the early stages of the project It\u2019s a really simple tool, but very effective, this tool can gather information like user names, hostsname and domains from public or an organization. This is a complete rewrite of the tool with new features like: Time delays<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[159,162,154],"tags":[160,161,163,164,165,166,34,167],"class_list":["post-218","post","type-post","status-publish","format-standard","hentry","category-backtrack","category-information-gathering","category-pentesting-tools","tag-infogathering","tag-information","tag-informationgathering","tag-osint","tag-profiling","tag-public","tag-security","tag-theharvester"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=218"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/218\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}