theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool
theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.
This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective.
The sources supported are:
- Google – emails,subdomains/hostnames
- Google profiles – Employee names
- Bing search – emails, subdomains/hostnames,virtual hosts
- Pgp servers – emails, subdomains/hostnames
- Linkedin – Employee names
- Exalead – emails,subdomain/hostnames
- Time delays between requests
- XML and HTML results export
- Search a domain in all sources
- Virtual host verifier
- Shodan computer database integration
- Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)
- Basic graph with stats
Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:
./theharvester.py -d microsoft.com -l 500 -b google
Searching emails accounts for the domain microsoft.com in a PGP server, here it’s not necessary to specify the limit.
./theharvester.py -d microsoft.com -b pgp
Searching for user names that works in the company microsoft, we use google as search engine, so we need to specify the limit of results we want to use:
./theharvester.py -d microsoft.com -l 200 -b linkedin
Searching in all sources at the same time, with a limit of 200 results:
./theHarvester.py -d microsoft.com -l 200 -b all
You can download theHarvester here:
Or read more here.
- Blackhash – Audit Passwords Without Hashes
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- Goofile v1.5 – Search For A Specific File Type In A Given Domain.
- DNSenum – Domain Information Gathering Tool
- hostmap 0.2 – Automatic Hostname & Virtual Hosts Discovery Tool
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,785 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,031,050 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,626 views