TheHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key servers.
This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective.
The sources supported are:
- Google – emails,subdomains/hostnames
- Google profiles – Employee names
- Bing search – emails, subdomains/hostnames,virtual hosts
- Pgp servers – emails, subdomains/hostnames
- Linkedin – Employee names
- Exalead – emails,subdomain/hostnames
New features:
- Time delays between requests
- XML and HTML results export
- Search a domain in all sources
- Virtual host verifier
- Shodan computer database integration
- Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)
- Basic graph with stats
Some examples:
Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:
Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:
<pre>./theharvester.py -d microsoft.com -l 500 -b google</pre>
Searching emails accounts for the domain microsoft.com in a PGP server, here it’s not necessary to specify the limit.
<pre>./theharvester.py -d microsoft.com -b pgp</pre>
Searching for user names that works in the company microsoft, we use google as search engine, so we need to specify the limit of results we want to use:
<pre>./theharvester.py -d microsoft.com -l 200 -b linkedin</pre>
Searching in all sources at the same time, with a limit of 200 results:
<pre>./theHarvester.py -d microsoft.com -l 200 -b all</pre>
- Download:
- The latest version always can be found in the Google code repository:https://code.google.com/p/theharvester
- For more details visit: Secuirtytube.com
- Official site: http://www.edge-security.com/