Recent

How to use theharvester on kali Linux

What is theharvester

This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.

The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

theharvester gathers information from the following sources:

  1. Google :emails,hosts/subdomains.
  2. Google-profile : Employee names.
  3. Bing search emails, subdomains/hostnames, virtual hosts.
  4. Pgp servers: emails, hosts/subdomains.
  5. LinkedIn Employee names.

how to use theharvester

Open your terminal and type the following command.It displays all the options you can use with theharvester.

theharvester 

for help

Search emails and hosts with theharvester

theharvester -d microsoft.com -l 500 -b google 

-d: Domain to search.
-l : Limit the search for specified number
-b: Specify the search engine name.

Search information from all the search engine supported by theharvester.

This is cool feature we can extract maximum information from all the supported search engine in a single command. Full command looks like this:

theharvester -d facebook.com -l 500 -b all

You have to add all keyword at the end.

view in browser

Save scan results into a xml file

You can save scan results into a file . You have to Complete command:

theharvester -d microsoft.com -l 500 -b google -f result.txt

-f is for specifying a file name where results will be stored.Once your scan is complete Check your home directory for xml file.