theHarvester 4.3 released: E-mails/subdomains/names Harvester – OSINT
theHarvester
What is this?
-------------
theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources (search engines, PGP key servers). It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.
The sources are:
Passive:
--------
-google: google search engine – www.google.com
-googleCSE: google custom search engine
-google-profiles: google search engine, specific search for Google profiles
-bing: microsoft search engine – www.bing.com
-bingapi: microsoft search engine, through the API (you need to add your Key in the discovery/bingsearch.py file)
-dogpile: Dogpile search engine – www.dogpile.com
-pgp: pgp key server – mit.edu
-linkedin: google search engine, specific search for Linkedin users
-vhost: Bing virtual hosts search
-twitter: twitter accounts related to a specific domain (uses google search)
-googleplus: users that work in target company (uses google search)
-yahoo: Yahoo search engine
-baidu: Baidu search engine
-shodan: Shodan Computer search engine, will search for ports and banner of the discovered hosts (http://www.shodanhq.com/)
Active:
-------
-DNS brute force: this plugin will run a dictionary brute force enumeration
-DNS reverse lookup: reverse lookup of the IPs discovered in order to find hostnames
-DNS TLD expansion: TLD dictionary brute force enumeration
Modules that need API keys to work:
-----------------------------------
-googleCSE: You need to create a Google Custom Search engine(CSE), and add your Google API key and CSE ID in the plugin (discovery/googleCSE.py)
-shodan: You need to provide your API key in discovery/shodansearch.py
Changelog v4.3
Note
- Python3.9 is the required minimum version
- New required dependency for package maintainers: python-dateutil
What’s Changed
- A lot of commits updating dependencies since 4.2.0 was released
- Sublist3r Skipping on Github CI due unstable site by @L1ghtn1ng in #1182
- Tweaks by @leebaird in #1197
- Changes Dockerfile to Alpine by @viardant in #1230
- Fixes, type hinting additions and removing omnisint due to the site being not available anymore by @L1ghtn1ng in #1253
- Multiple fixes by @L1ghtn1ng in #1265
- Feat(docker-compose): adding local orchestration for development by @yalattas in #1267
- Few slight fixes with linting and ci by @L1ghtn1ng in #1279
- Run static type checking last by @L1ghtn1ng in #1280
- Zoomeye asns format alignment by @frapava98 in #1284
- Fix yahoo by @frapava98 in #1287
- Add try-except for yahoo by @frapava98 in #1286
- Fix rawsec badge by @noraj in #1296
- Fix to avoid the crash of the program by @frapava98 in #1300
- Fix import error in virtual host option by @brwook in #1341
- Trimmed the newline character from the domain input by @Reelix in #1351
- Added 4 new sources, Removed 2 Sources, Added custom DNS resolver, backported to python3.9, and other misc changes by @NotoriousRebel in #1381
- Multiple fixes by @L1ghtn1ng in #1382
- Fixes by @L1ghtn1ng in #1386
- Remove qwant and add missing criminalip to the api-keys file by @L1ghtn1ng in #1390
- Formatting by @leebaird in #1391
- Bump version of requests package so pip can stop exploding by @minorannoyance in #1402
- Update pentest-tools.com readme entry by @stefan-bratescu in #1407
- Delete qwant test (see #1390) by @eclairevoyant in #1408
- Fix for bingapi by @noaHson86 in #1417
- Sitedossier by @leebaird in #1423
- Add asyncfetch to sitedossier.py by @L1ghtn1ng in #1428
Installation
pip install requests
git clone https://github.com/laramies/theHarvester.git
Usage
Copyright 2011 Christian Martorella
Source: https://github.com/laramies/