Lompat ke konten Lompat ke sidebar Lompat ke footer

theHarvester – Information Gathering Tool

theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database
theHarvester  – Information Gathering Tool

This tools is intended to help Penetration testers in the early stages of the project It’s a really simple tool, but very effective.
theHarvester  – Information Gathering Tool

The sources supported are:

  • Google – emails,subdomains/hostnames
  • Google profiles – Employee names
  • Bing search – emails, subdomains/hostnames,virtual hosts
  • Pgp servers – emails, subdomains/hostnames
  • Linkedin – Employee names
  • Exalead – emails,subdomain/hostnames

New Features

  • Time delays between requests
  • XML and HTML results export
  • Search a domain in all sources
  • Virtual host verifier
  • Shodan computer database integration
  • Active enumeration (DNS enumeration,DNS reverse lookups, DNS TLD expansion)
  • Basic graph with stats


Searching emails accounts for the domain microsoft.com, it will work with the first 500 google results:

./theharvester.py –d microsoft.com –l 500 –b google

Searching emails accounts for the domain microsoft.com in a PGP server, here it’s not necessary to specify the limit:

./theharvester.py -d microsoft.com -b pgp
Searching for usernames that works in the microsoft, we use google as search engine, so we need to specify the limit of results we use:
./theharvester.py –d microsoft.com –l 200 –b linkedin
Searching in all sources at the same time, with a limit of 200 results:
./theHarvester.py -d microsoft.com -l 200 -b all

Posting Komentar untuk "theHarvester – Information Gathering Tool"