theHarvester 4.5 released: E-mails/subdomains/names Harvester – OSINT

theHarvester

theHarvester

What is this?
————-

theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, PGP key servers). Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.

The sources are:

Passive:
——–
-google: google search engine – www.google.com

-googleCSE: google custom search engine

-google-profiles: google search engine, specific search for Google profiles

-bing: microsoft search engine – www.bing.com

-bingapi: microsoft search engine, through the API (you need to add your Key in
the discovery/bingsearch.py file)

-dogpile: Dogpile search engine – www.dogpile.com

-pgp: pgp key server – mit.edu

-linkedin: google search engine, specific search for Linkedin users

-vhost: Bing virtual hosts search

-twitter: twitter accounts related to an specific domain (uses google search)

-googleplus: users that work in target company (uses google search)

-yahoo: Yahoo search engine

-baidu: Baidu search engine

-shodan: Shodan Computer search engine, will search for ports and banner of the
discovered hosts (http://www.shodanhq.com/)

 

Active:
——-
-DNS brute force: this plugin will run a dictionary brute force enumeration
-DNS reverse lookup: reverse lookup of ip´s discovered in order to find hostnames
-DNS TDL expansion: TLD dictionary brute force enumeration

Modules that need API keys to work:
———————————-
-googleCSE: You need to create a Google Custom Search engine(CSE), and add your Google API key and CSE ID in the plugin (discovery/googleCSE.py)
-shodan: You need to provide your API key in discovery/shodansearch.py

Changelog v4.5

Pipx

We now support pipx installs thanks to @branchvincent in #1505 and pipx is a great way to easy fix the change with how python and pip works as it creates the virtual environment for you and no more worrying about breaking your system packages. More information about pipx can be found here

What’s Changed

Installation

pip install requests
git clone https://github.com/laramies/theHarvester.git

Usage

Copyright 2011 Christian Martorella

Source: https://github.com/laramies/