{"id":630,"date":"2011-12-01T05:19:07","date_gmt":"2011-12-01T05:19:07","guid":{"rendered":"http:\/\/www.ubuntupirates.com\/?p=630"},"modified":"2011-12-01T05:19:07","modified_gmt":"2011-12-01T05:19:07","slug":"the-harvester-information-gathering","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=630","title":{"rendered":"The Harvester &#8211; Information Gathering"},"content":{"rendered":"<p align=\"justify\"><strong>TheHarvester<\/strong> is a tool for gathering e-mail accounts, user names and hostnames\/subdomains from different public sources like search engines and PGP key servers.<\/p>\n<p>This tools is intended to help Penetration testers in the early stages of the project It&#8217;s a really simple tool, but very effective.<br \/>\n<strong>The sources supported are:<\/strong><\/p>\n<ul>\n<li>Google &#8211; emails,subdomains\/hostnames<\/li>\n<li>Google profiles &#8211; Employee names<\/li>\n<li>Bing search &#8211; emails, subdomains\/hostnames,virtual hosts<\/li>\n<li>Pgp servers &#8211; emails, subdomains\/hostnames<\/li>\n<li>Linkedin &#8211; Employee names<\/li>\n<li>Exalead &#8211; emails,subdomain\/hostnames<\/li>\n<\/ul>\n<p><strong>New features:<\/strong><\/p>\n<ul>\n<li>Time delays between requests<\/li>\n<li>XML and HTML results export<\/li>\n<li>Search a domain in all sources<\/li>\n<li>Virtual host verifier<\/li>\n<li>Shodan computer database integration<\/li>\n<li>Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)<\/li>\n<li>Basic graph with stats<\/li>\n<\/ul>\n<div><strong>Some examples:<\/strong><br \/>\nSearching emails accounts for the domain microsoft.com, it will work with the first 500 google results:<\/p>\n<pre>&lt;pre&gt;.\/theharvester.py -d microsoft.com -l 500 -b google&lt;\/pre&gt;<\/pre>\n<p>Searching emails accounts for the domain microsoft.com in a PGP server, here it&#8217;s not necessary to specify the limit.<\/p>\n<pre>&lt;pre&gt;.\/theharvester.py -d microsoft.com -b pgp&lt;\/pre&gt;<\/pre>\n<p>Searching for user names that works in the company microsoft, we use google as search engine, so we need to specify the limit of results we want to use:<\/p>\n<pre>&lt;pre&gt;.\/theharvester.py -d microsoft.com -l 200 -b linkedin&lt;\/pre&gt;<\/pre>\n<p>Searching in all sources at the same time, with a limit of 200 results:<\/p>\n<pre>&lt;pre&gt;.\/theHarvester.py -d microsoft.com -l 200 -b all&lt;\/pre&gt;<\/pre>\n<dl>\n<dt><\/dt>\n<dt><a href=\"http:\/\/www.edge-security.com\/theHarvester.php\">Download<\/a>:<\/dt>\n<dt>The latest version always can be found in the Google code repository:<a href=\"https:\/\/code.google.com\/p\/theharvester\/\">https:\/\/code.google.com\/p\/theharvester<\/a><\/dt>\n<dt><\/dt>\n<dt>For more details visit:\u00a0<a title=\"The Harvester\" href=\"http:\/\/tools.securitytube.net\/index.php?title=TheHarvester\" target=\"_blank\" rel=\"noopener noreferrer\">Secuirtytube.com<\/a><\/dt>\n<dt>Official site:\u00a0<a href=\"http:\/\/www.edge-security.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.edge-security.com\/<\/a><\/dt>\n<dt><\/dt>\n<dt><\/dt>\n<dt><\/dt>\n<dt><\/dt>\n<dt><\/dt>\n<\/dl>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>TheHarvester is a tool for gathering e-mail accounts, user names and hostnames\/subdomains from different public sources like search engines and PGP key servers. This tools is intended to help Penetration testers in the early stages of the project It&#8217;s a really simple tool, but very effective. The sources supported are: Google &#8211; emails,subdomains\/hostnames Google profiles<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[159,23,9],"tags":[312,275,313,314,167,315,284],"class_list":["post-630","post","type-post","status-publish","format-standard","hentry","category-backtrack","category-linux","category-network-security","tag-edge-security-com","tag-pentest","tag-pentesting","tag-securitytube","tag-theharvester","tag-theprojectxblog","tag-tools"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/630","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=630"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/630\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=630"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}