Email Harvesting by theharvester tool in Kali Linux

The Harvester.py

Description: theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources (search engines, PGP key servers).

It is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.

Passive Information Gathering

  • google: Google search engine – www.google.com
  • googleCSE: Google custom search engine
  • google-profiles: Google search engine, specific search for Google profiles
  • bing: Microsoft search engine – www.bing.com
  • bingapi: Microsoft search engine, through the API (you need to add your key in the discovery/bingsearch.py file)
  • pgp: PGP key server – pgp.rediris.es
  • linkedin: Google search engine, specific search for LinkedIn users
  • vhost: Bing virtual hosts search
  • twitter: Twitter accounts related to a specific domain (uses Google search)
  • googleplus: users that work in the target company (uses Google search)
  • shodan: Shodan computer search engine, will search for ports and banners of the discovered hosts (http://www.shodanhq.com/)

Active Information Gathering

  • DNS brute force: this plugin will run a dictionary brute force enumeration
  • DNS reverse lookup: reverse lookup of the IPs discovered in order to find hostnames
  • DNS TLD expansion: TLD dictionary brute force enumeration

Getting Started with Theharvester

In Kali Linux, the theharvester tool is built in and can be run with a simple command in the terminal:

#theharvester

[Image: theharvester run in Kali]

Theharvester Usage Options

Many tools are included in the theharvester package and are selected with switches; for example, the -d switch defines the domain name and -l limits the number of results. In the following image you can see all available switches.

[Image: theharvester example]

Theharvester Usage Example

Search for email addresses from a domain (-d example.com), limiting the results to 500 (-l 500), using Google (-b google):

#theharvester -d example.com -l 500 -b google

[Image: theharvester result]
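For the use the description mentions, checking the visibility of your own company, the addresses found in a saved run can be compared with the ones you publish on purpose. The following Python script is an added example, not part of theHarvester or the original article; the function names, the allow-list and the sample text are assumptions constructed for illustration.

```python
import re

# Candidate address pattern; the host part is checked against the audited domain below.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def exposed_addresses(text, domain):
    """Return sorted, de-duplicated addresses in text on domain or one of its subdomains."""
    domain = domain.lower()
    found = set()
    for match in EMAIL_RE.findall(text):
        addr = match.lower()
        host = addr.rsplit("@", 1)[1]
        # Exact match or a true subdomain; "notexample.com" must not pass.
        if host == domain or host.endswith("." + domain):
            found.add(addr)
    return sorted(found)

def audit(text, domain, intended_public):
    """Split exposed addresses into those published on purpose and unexpected ones."""
    allowed = {a.lower() for a in intended_public}
    report = {"intended": [], "unexpected": []}
    for addr in exposed_addresses(text, domain):
        report["intended" if addr in allowed else "unexpected"].append(addr)
    return report

# Constructed sample text (not real tool output): any saved results that contain addresses.
SAMPLE = """\
info@example.com
Jane.Doe@example.com
jane.doe@example.com
build-bot@ci.example.com
someone@notexample.com
contact: sales@example.com.
"""

if __name__ == "__main__":
    # Hypothetical allow-list of role addresses the organisation publishes deliberately.
    result = audit(SAMPLE, "example.com", ["info@example.com", "sales@example.com"])
    for kind, addrs in result.items():
        print(kind, addrs)
```

Addresses listed as unexpected are the ones to review: personal or service mailboxes that appear in public sources without a decision to publish them.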

 

source : theharvester
