
theHarvester Best OSINT tool

theHarvester is a very simple yet effective tool designed to be used in the early stages of a penetration test. Use it for open source intelligence gathering and helping to determine threats.


Last updated 5 years ago


Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term "open" refers to overt, publicly available sources (as opposed to covert or clandestine sources).

  • baidu: Baidu search engine

  • bing: Microsoft search engine

  • bingapi: Microsoft search engine, through the API

  • CertSpotter: Cert Spotter monitors Certificate Transparency logs

  • crtsh: Comodo Certificate search

  • dnsdumpster: DNSdumpster search engine

  • dogpile: Dogpile search engine

  • duckduckgo: DuckDuckGo search engine

  • Exalead: a Meta search engine

  • github-code: GitHub code search engine (Requires a GitHub Personal Access Token, see below.)

  • google: Google search engine (Optional Google dorking.)

  • hunter: Hunter search engine (Requires an API key, see below.)

  • intelx: Intelx search engine (Requires an API key, see below.)

  • linkedin: Google search engine, specific search for LinkedIn users

  • netcraft: Internet Security and Data Mining

  • otx: AlienVault Open Threat Exchange

  • securityTrails: Security Trails search engine

  • shodan: Shodan search engine

  • Spyse: Web research tools for professionals

  • Suip: Web research

  • threatcrowd: Open source threat intelligence

  • trello: Search Trello boards (Uses Google search.)

  • twitter: Twitter accounts related to a specific domain (Uses Google search.)

  • vhost: Bing virtual hosts search

  • virustotal: virustotal.com domain search

  • yahoo: Yahoo search engine

The Information theharvester can get

theharvester can gather a tremendous amount of information if you chain many of its search sources. Here are a few of the kinds of information that theharvester can get for you:

  • Virtual hosts

  • People's social profiles

  • Pool of IP addresses

There is more information that this tool can scrounge for you.

How to use theHarvester

python3.7+

sudo apt-get install python3-pip

sudo pip3 install virtualenv

#create a virtual env

virtualenv -p python3 theharvestertool

$ source theharvestertool/bin/activate

Now we can begin using this powerful tool

(theharvestertool) $ ./theHarvester.py -d eff.org -l 500 -b google

This command produces the sample output of theharvester against eff.org. Here is a summary of the command we just ran:

-d # means the domain to search, here eff.org

-l # means limit the result search to 500

-b # means use this source to get the information about this host.

There is more to this tool. Follow the deployment steps above to quickly get started with this powerful tool.

Using theHarvester in python3 scripts

theHarvester works very well with python3.7+, which is what makes this tool really interesting: many OSINT tools out there still depend on python2, which is being deprecated. Either finish following "How to use theHarvester" above, or do the following:

sudo pip3 install theharvester

or

python3 setup.py install
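
One way to call the tool from a python3 script, added here as an example and not taken from theHarvester or from the original page: it builds the same -d / -l / -b command line shown above, but only after checking that the domain is well-formed and inside an authorized scope. The function names, the scope set, the subset of sources and the limit bound are assumptions made for illustration.

```python
import re
import subprocess

# Subset of the -b source names listed on this page (assumed still valid).
SOURCES = {"baidu", "bing", "crtsh", "dnsdumpster", "duckduckgo",
           "google", "otx", "threatcrowd", "virustotal", "yahoo"}

# Hostname labels only: letters, digits, hyphens; a label never starts with "-".
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def in_scope(domain, scope):
    """True if domain equals, or is a subdomain of, an authorized domain."""
    return any(domain == s or domain.endswith("." + s) for s in scope)


def build_command(domain, scope, source="google", limit=500,
                  script="./theHarvester.py"):
    """Return the argv list for one theHarvester run, or raise ValueError."""
    domain = domain.strip().lower().rstrip(".")
    if not DOMAIN_RE.match(domain):
        raise ValueError(f"not a valid domain: {domain!r}")
    if not in_scope(domain, scope):
        raise ValueError(f"{domain} is outside the authorized scope")
    if source not in SOURCES:
        raise ValueError(f"unknown source: {source!r}")
    # The upper bound of 5000 is an arbitrary choice for this example.
    if not isinstance(limit, int) or not 1 <= limit <= 5000:
        raise ValueError("limit must be an integer between 1 and 5000")
    # An argv list (no shell=True) keeps the domain from being read as shell syntax.
    return [script, "-d", domain, "-l", str(limit), "-b", source]


def run(domain, scope, **kwargs):
    """Run theHarvester and return its stdout (requires the tool installed)."""
    cmd = build_command(domain, scope, **kwargs)
    done = subprocess.run(cmd, capture_output=True, text=True,
                          timeout=600, check=True)
    return done.stdout


if __name__ == "__main__":
    SCOPE = {"eff.org"}  # constructed scope for the demo
    print(build_command("www.eff.org", SCOPE, source="crtsh", limit=200))
```
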

theHarvester largely depends on public sources to get confidential information about a particular domain. The sources listed earlier on this page are some of the public sources that theHarvester uses.

The dependencies required by theharvester are the ones given under "How to use theHarvester" (python3.7+). The repository is cloned with:

(theharvestertool) git clone https://github.com/laramies/theHarvester.git

If you want to use this tool before installation, there is an online version of it.

The information theharvester can get also includes:

  • Emails

  • Subdomains

  • Port scanning (very basic)