how to use theharvester an email harvesting tool in Kali Linux 2022

By Vijay KumarInformation Gathering, MODULE 4:- footprinting
theharvester

Theharvester in Kali Linux

Description: theHarvester tool in Kali linux is used for gathering e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, pgp key servers).

It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet.

Passive Information Gathering by theharvester

  • google: google search engine- www.google.com·
  • googleCSE: google custom search engine·
  • google-profiles: google search engine, specific search for Google profiles:
  • bing: microsoft search engine  – www.bing.com·
  • bingapi: microsoft search engine, through the API (you need to add your Key in the discovery/bingsearch.py file)·
  • pgp: pgp key server – pgp.rediris.es·
  • linkedin: google search engine, specific search for Linkedin users·
  • vhost: Bing virtual hosts search·
  • twitter: twitter accounts related to an specific domain (uses google search)·
  • googleplus: users that works in target company (uses google search)·
  • shodan: Shodan Computer search engine, will search for ports and banner of the discovered hosts  (http://www.shodanhq.com/)

Active Information Gathering

  • DNS brute force: this plugin will run a dictionary brute force enumeration
  • DNS reverse lookup: reverse lookup of ip´s discovered in order to find hostnames
  • DNS TDL expansion: TLD dictionary brute force enumeration

Getting Started with Theharvester

In this article I am going to email harvesting by using email harvester too in Kali Linux called theharvester.

It is inbuilt tool, So you don’t have tension how to install and more you can run a simple command in terminal to use theharvester tool

#theharvester

Theharvester Usage Options

Lot of tools are included in to theharvester package and can be used to by using switch like -d switch is used to define domain names and -l is used to limit number of the result. In the following image you can see all available switch.

Theharvester Usage Example

Search from email addresses from a domain (-d example.com), limiting the results to 500 (-l 500), using Google (-b google):

#theharvester -d example.com -l 500 -b google

MODULE 4:- Information Gathering

  1. How to use dnsenum for dns enumeration – Kali
  1. How to use dig command in Kali Linux
  1. whois Kali Linux commands with example
  1. Enumerating DNS Records through dnsenum tool in Kali Linux
  1. Email Harvesting by theharvester tool in Kali Linux
  1. Google Hacking | Open Web Information Gathering
  1. dnsmap | DNS Domain name system brute force attacks
  1. Zone Transfer using dnswalk tool
  1. Website information Gathering through Nikto tool
  1. Search Senstive Data through Metagoofil Kali Linux 2.0
  1. 8 Steps to run Maltego Kali Linux – beginner guide

If Appreciate My Work, You should consider:

3 thoughts on “how to use theharvester an email harvesting tool in Kali Linux 2022

Leave a Reply

Your email address will not be published.