theHarvester – Information Gathering Tool
theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database
This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective.
The sources supported are:
- Google – emails,subdomains/hostnames
- Google profiles – Employee names
- Bing search – emails, subdomains/hostnames,virtual hosts
- Pgp servers – emails, subdomains/hostnames
- Linkedin – Employee names
- Exalead – emails,subdomain/hostnames
New Features
- Time delays between requests
- XML and HTML results export
- Search a domain in all sources
- Virtual host verifier
- Shodan computer database integration
- Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)
- Basic graph with stats
Examples
Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:
./theharvester.py –d microsoft.com –l 500 –b google
Searching emails accounts for the domain microsoft.com in a PGP server, here it’s not necessary to specify the limit:
./theharvester.py -d microsoft.com -b pgp
Searching for usernames that works in the microsoft, we use google as search engine, so we need to specify the limit of results we use:
./theharvester.py –d microsoft.com –l 200 –b linkedin
Searching in all sources at the same time, with a limit of 200 results:
./theHarvester.py -d microsoft.com -l 200 -b all
DOWNLOAD LINK:
Posting Komentar untuk "theHarvester – Information Gathering Tool"