theHarvester Best OSINT tool

theHarvester is a very simple, yet effective tool designed to be used in the early stages of a penetration test. Use it for open source intelligence gathering and helping to determine threats.

Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources).

theHarvester largely depends on public sources to get confidential information about a particular domain. Here are some of the public sources that theHarvester uses:

  • baidu: Baidu search engine

  • bing: Microsoft search engine

  • bingapi: Microsoft search engine, through the API

  • CertSpotter: Cert Spotter monitors Certificate Transparency logs

  • crtsh: Comodo Certificate search

  • dnsdumpster: DNSdumpster search engine

  • dogpile: Dogpile search engine

  • duckduckgo: DuckDuckGo search engine

  • Exalead: a Meta search engine

  • github-code: GitHub code search engine (Requires a GitHub Personal Access Token, see below.)

  • google: Google search engine (Optional Google dorking.)

  • hunter: Hunter search engine (Requires an API key, see below.)

  • intelx: Intelx search engine (Requires an API key, see below.)

  • linkedin: Google search engine, specific search for LinkedIn users

  • netcraft: Internet Security and Data Mining

  • otx: AlienVault Open Threat Exchange

  • securityTrails: Security Trails search engine

  • shodan: Shodan search engine

  • Spyse: Web research tools for professionals

  • Suip: Web research

  • threatcrowd: Open source threat intelligence

  • trello: Search Trello boards (Uses Google search.)

  • twitter: Twitter accounts related to a specific domain (Uses Google search.)

  • vhost: Bing virtual hosts search

  • virustotal: virustotal.com domain search

  • yahoo: Yahoo search engine

The information theHarvester can get

theHarvester can gather a tremendous amount of information if you chain many of its search sources. Here is just some of the information that theHarvester can get for you

And there is more information that this tool can scrounge for you.

How to use theHarvester

Dependencies required by theHarvester

python3.7+

sudo apt-get install python3-pip

sudo pip3 install virtualenv

# create a virtual env

virtualenv -p python3 theharvestertool

$ source theharvestertool/bin/activate

(theharvestertool) $ git clone https://github.com/laramies/theHarvester.git

(theharvestertool) $ cd theHarvester

Now we can begin using this powerful tool.

(theharvestertool) $ ./theHarvester.py -d eff.org -l 500 -b google

This is a sample run of theHarvester against eff.org. Here is a summary of the command we just ran:

-l # means limit the search results to 500

-b # means use this source to get the information about this host.

There is more to this tool. Follow the deployment steps above to quickly get started with this powerful tool.

If you want to use this tool before installation, here is an online version of it.

Using theHarvester in python3 scripts

theHarvester works very well with Python 3.7+, which is what makes this tool really interesting: many OSINT tools out there still depend on Python 2, which is being deprecated. You can follow the steps in how to use theHarvester above, or you can do the following:

sudo pip3 install theharvester

or

python3 setup.py install
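
One way to drive the command shown above from a Python 3 script when checking what your own domain exposes, as an added example that is not from the original post or the theHarvester project. It builds the same -d/-l/-b command line as an argument list and validates the domain and source first; the names build_command, run_harvester and KNOWN_SOURCES are assumptions made for this example, and the script path assumes you run it from the cloned repository.

```python
import re
import subprocess
import sys

# Source names spelled as listed on this page; run the tool with -h to see
# the exact names your installed version accepts.
KNOWN_SOURCES = {
    "baidu", "bing", "bingapi", "CertSpotter", "crtsh", "dnsdumpster",
    "dogpile", "duckduckgo", "Exalead", "github-code", "google", "hunter",
    "intelx", "linkedin", "netcraft", "otx", "securityTrails", "shodan",
    "Spyse", "Suip", "threatcrowd", "trello", "twitter", "vhost",
    "virustotal", "yahoo",
}

# One hostname label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_DOMAIN_RE = re.compile(rf"(?:{_LABEL}\.)+{_LABEL}")


def build_command(domain, source="google", limit=500,
                  script="./theHarvester.py"):
    """Return the argv list for: theHarvester.py -d DOMAIN -l LIMIT -b SOURCE."""
    domain = domain.strip().lower()
    # Rejects empty values, embedded whitespace and anything starting with
    # "-", so caller-supplied input can never be read as an extra option.
    if len(domain) > 253 or not _DOMAIN_RE.fullmatch(domain):
        raise ValueError(f"not a valid domain name: {domain!r}")
    if source not in KNOWN_SOURCES:
        raise ValueError(f"unknown source: {source!r}")
    if type(limit) is not int or limit < 1:
        raise ValueError("limit must be a positive integer")
    return [script, "-d", domain, "-l", str(limit), "-b", source]


def run_harvester(domain, source="google", limit=500, timeout=600):
    """Run theHarvester once and return whatever it wrote to stdout."""
    argv = build_command(domain, source, limit)
    # Argument list with the default shell=False: nothing is shell-parsed.
    done = subprocess.run(argv, capture_output=True, text=True,
                          timeout=timeout, check=True)
    return done.stdout


if __name__ == "__main__":
    print(run_harvester(sys.argv[1]))
```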
