Information Gathering with Kali Linux : theharvester

Information Gathering tool


Hello and welcome to GitcodeX

In this article you will learn about Information Gathering using theHarvestor in kali linux.
Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client.


TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information about e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key server.


This tool is designed to help the penetration tester on an earlier stage; it is an effective, simple and easy to use. 


The sources supported are:


Google – emails, subdomains

Google profiles – Employee names

Bing search – emails, subdomains/hostnames, virtual hosts

Pgp servers – emails, subdomains/hostnames

LinkedIn – Employee names

Exalead – emails, subdomain/hostnames



New features:


Time delays between requests

XML results export

Search a domain in all sources

Virtual host verifier




So, Let’s get started,

If you are using Kali Linux, open the terminal and type

theharvester


If not then it can be easily downloaded by  "Clicking here"
Simply Download and extract it


Provide execute permission by typing, 

 theHarvester.py by [chmod 755 theHavester.py]


Then simply run 

./theharvester


You will see similar to this:




Method:1

You can simply use the command 

theHarvester -d [url] -l 300 -b [search engine name]


For example:  theHarvester -d sixthstartech.com -l 300 -b google



Which will result as in the screenshot below:




Method:2

To get all the information about the website u can use the command as:

theHarvester -d sixthstartech.com -l 300 -b all

Which will result as:




Method:3

To save the result in HTML file you can use –f option followed by a file name,

Example:

theHarvester.py -d sixthstartech.com -l 300 -b all -f test




The result in HTML File:


Hope you understood the process, if you have any doubt feel free to ask in comment section or in a message ; )


Thank you for Reading ; )

Post a Comment

Previous Post Next Post