Today we will learn about Information Gathering using theHarvester in Kali Linux. Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client.
TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server.
Information Gathering using Harvester in Kali Linux
This tool is designed to help the penetration tester on an earlier stage; it is an effective, simple and easy to use. The sources supported are:
Google – emails, subdomains
Google profiles – Employee names
Bing search – emails, subdomains/hostnames, virtual hosts
Pgp servers – emails, subdomains/hostnames
LinkedIn – Employee names
Exalead – emails, subdomain/hostnames
Time delays between requests
XML results export
Search a domain in all sources
Virtual host verifier
Let’s get started,
If you are using Kali Linux, open the terminal and type theharvester
If not then it can be easily downloaded from here: https://github.com/laramies/theHarvester
Simply Download and extract it
Provide execute permission to: theHarvester.py by [chmod 755 theHavester.py]
Then simply run ./theharvester
You will see similar to this:
Here I am using kali linux.
You can simply use the command theHarvester -d [url] -l 300 -b [search engine name]
For example: theHarvester -d sixthstartech.com -l 300 -b google
Which will result as in the screenshot below:
To get all the information about the website u can use the command as:
theHarvester -d sixthstartech.com -l 300 -b all
Which will result as:
To save the result in HTML file you can use –f option followed by a file name,
theHarvester.py -d sixthstartech.com -l 300 -b all -f test
The result in HTML File:
That’s it and hoped this helped you!!
Note: Use Virtual Machine and scan on VirusTotal before downloading any program on Host Machine for your privacy.