In this article, we will learn how to easily find any company's email, domain, and IP address using the OSINT tool TheHarvester.
OSINT (Open Source Intelligence) tools allow for the efficient gathering and analysis of publicly available data used by government agencies and private organizations to analyze market trends, brand positioning, and more. These tools have advanced from traditional media to incorporate technologies like web scraping, social media analytics, geospatial intelligence, and AI to improve.
theHarvester is an open-source OSINT tool written in Python that gathers various information from publicly available data, such as emails, subdomains, hosts, employee names, open ports, and banners.
What You’ll Learn in This Article
- What is theHarvester
- Passive & Active modules
- Installation
- Usage
theHarvester is a simple-to-use, yet powerful tool designed to be used during the reconnaissance stage of a red team assessment or penetration test. It performs open source intelligence (OSINT) gathering to help determine a domain's external threat landscape. The tool gathers names, emails, IPs, subdomains, and URLs by using multiple public resources that include passive and active modules.
Passive:
- Baidu
- Bing
- dnsdumpster
- Duckduckgo
- Hunter
- Qwant
- SecurityTrails
- Shodan
- Trello
Active:
- DNS brute force: dictionary brute force enumeration
- Screenshots: Take screenshots of subdomains that were found
Installation
On Kali Linux, theHarvester is preinstalled; you only need to check its current version and upgrade it.
Otherwise, follow the below steps to download theHarvester tool.
Make sure your Linux machine is updated and upgraded
sudo apt-get update && sudo apt-get upgrade -y
Now create a Python virtual environment (venv) for the tool
python3 -m venv harvester
Now activate the environment
source harvester/bin/activate
Clone the repository
git clone https://github.com/laramies/theHarvester
Change into the directory
cd theHarvester/
Now install all of the tool's requirements
pip install wheel
pip install -r requirements/base.txt
After a successful installation, you need to add your API keys to the tool. Get an API key from each source's website and add it to the api-keys.yaml file so that the tool can query the sources that require a key.
Usage
python3 theHarvester.py -h
For IP
python theHarvester.py -d domain.com -l 50 -b securityTrails
-d : domain to search
-l : limit on the number of results
-b : data source
For Email
python theHarvester.py -d moslempress.com -l 10 -b hunter
For Subdomains
python theHarvester.py -d moslempress.com -l 50 -b all -f moslempress.html
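Run against your own domain, the report saved with -f can be compared with an asset inventory to spot forgotten hosts and exposed staff addresses. The script below is an added example, not part of theHarvester or of the original article; the JSON layout (top-level `hosts`, `ips` and `emails` lists, with hosts optionally written as `name:ip`), the sample data and the inventory sets are assumptions, so check them against the report your version writes.

```python
import json

# Constructed sample in the report shape assumed here: top-level "hosts",
# "ips" and "emails" lists, host entries optionally in "name:ip" form.
SAMPLE_REPORT = json.dumps({
    "hosts": ["www.example.com:203.0.113.10", "vpn.example.com:203.0.113.20",
              "old-staging.example.com:198.51.100.7", "mail.example.com"],
    "ips": ["203.0.113.10", "203.0.113.20", "198.51.100.7"],
    "emails": ["info@example.com", "j.doe@example.com"],
})

# Hypothetical inventory of assets the organisation knows it exposes.
KNOWN_HOSTS = {"www.example.com", "vpn.example.com", "mail.example.com"}
KNOWN_IPS = {"203.0.113.10", "203.0.113.20"}
# Shared mailboxes that are expected to be public (assumed list).
ROLE_MAILBOXES = {"info", "support", "security", "abuse"}


def split_host(entry):
    """Split 'name:ip' into (name, ip); ip is None when the host is unresolved."""
    name, _, ip = entry.strip().lower().partition(":")
    return name.rstrip("."), (ip or None)


def review_exposure(report_text, known_hosts, known_ips):
    """Return what is publicly discoverable but missing from the inventory."""
    report = json.loads(report_text)
    unknown_hosts = {}
    for entry in report.get("hosts", []):
        name, ip = split_host(entry)
        if name and name not in known_hosts:
            unknown_hosts[name] = ip
    unknown_ips = sorted(set(report.get("ips", [])) - set(known_ips))
    # Personal addresses are the ones worth covering in phishing awareness.
    personal = sorted(
        e.lower() for e in report.get("emails", [])
        if e.split("@")[0].lower() not in ROLE_MAILBOXES
    )
    return {"unknown_hosts": unknown_hosts, "unknown_ips": unknown_ips,
            "personal_emails": personal}


if __name__ == "__main__":
    findings = review_exposure(SAMPLE_REPORT, KNOWN_HOSTS, KNOWN_IPS)
    for kind, items in findings.items():
        print(kind, "->", items)
```

To use it on a real report, pass the contents of the JSON file to review_exposure() along with your own host and IP inventory.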
Here is the list of additional sources you can use:
- Anubis
- Baidu
- Bevigil
- Binaryedge
- Bing
- BingAPI
- Bufferoverun
- Brave
- Censys
- Certspotter
- Criminalip
- Crtsh
- DNSDumpster
- DuckDuckGo
- FullHunt
- Github-Code
- HackerTarget
- Hunter
- HunterHow
- Intelx
- Netlas
- Onyphe
- OTX
- PentestTools
- ProjectDiscovery
- RapidDNS
- RocketReach
- SecurityTrails
- SiteDossier
- SubdomainCenter
- SubdomainFinderC99
- ThreatMiner
- Tomba
- URLScan
- VirusTotal
- Yahoo
- ZoomEye