theHarvester – Gather E-mail Accounts, Subdomains, Hosts, Employee Names – Information Gathering Tool
theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.
This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective.
The sources supported are:
- Google – emails,subdomains/hostnames
- Google profiles – Employee names
- Bing search – emails, subdomains/hostnames,virtual hosts
- Pgp servers – emails, subdomains/hostnames
- Linkedin – Employee names
- Exalead – emails,subdomain/hostnames
- Time delays between requests
- XML and HTML results export
- Search a domain in all sources
- Virtual host verifier
- Shodan computer database integration
- Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)
- Basic graph with stats
Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:
./theharvester.py -d microsoft.com -l 500 -b google
Searching emails accounts for the domain microsoft.com in a PGP server, here it’s not necessary to specify the limit.
./theharvester.py -d microsoft.com -b pgp
Searching for user names that works in the company microsoft, we use google as search engine, so we need to specify the limit of results we want to use:
./theharvester.py -d microsoft.com -l 200 -b linkedin
Searching in all sources at the same time, with a limit of 200 results:
./theHarvester.py -d microsoft.com -l 200 -b all
You can download theHarvester here:
Or read more here.
- LiME – Linux Memory Extractor
- HookME – API Based TCP Proxy Including SSL
- EvilFOCA – Network Attack Toolkit
- Goofile v1.5 – Search For A Specific File Type In A Given Domain.
- Host-Extract – Enumerate All IP/Host Patterns In A Web Page
- DNSenum – Domain Information Gathering Tool
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,930,428 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,240,444 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 654,118 views