TheHarvester is a great tool for penetration testing as it helps us find a lot of information about a company. It can be used to find email accounts, subdomains and it’s very important when the first phase of information gathering :
theharvester -d domain_name -l 20 -b all
How it works…
-d is for the domain name or the keyword we want to search,
-l is for limiting the number of search results, and
-b is the source we want the tool to use while gathering information. The tool supports Google, Google CSE, Bing, Bing API, PGP, LinkedIn, Google-profiles, people123, jigsaw, Twitter, and Google+ sources.
theHarvester is a very simple, yet effective tool designed to be used in the early stages of a penetration test. Use it for open source intelligence gathering and helping to determine a company’s external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs, and URLs using multiple public data sources.
Please go here to see the project details: https://github.com/laramies/theHarvester
Modules that require an API key:
Add your keys to api-keys.yaml
- Previous Post