TheHarvester Guide and Examples
Open Source Information Gathering
| Author: | Christian Martorella |
| License: | GPLv2 |
| Software: | TheHarvester |
| Date created: | 2011 |
| Updated: | Yes |
| GitHub: | TheHarvester GitHub |
Description
Cheatsheet
TheHarvester is an OSINT tool for gathering subdomains, email addresses, open ports, banners, employee names, and much more from different public sources. (Google, Bing, PGP key servers, ...). In order to gather this information it will do active and passive information gathering.
You would want to use this tool when you are curious about the visibility of your company on the internet or for information gathering purposes during a penetration test.
# Syntax
theharvester -d [domain] -l [amount of depthness] -b [search engines] -f [filename]
# Example which scans google.com and returns 500 results while searching in all available search engines
theharvester -d google.com -l 500 -b all
# Same example as above, but this one outputs all gathered information to an HTML file
theharvester -d google.com -l 500 -b all -f results.html
-d : Specifies the domain to scan
-l : Specifies how deep the scan should go. More is better but slower! :)
-b : Specifies the search engine to search on. (options as of may 2018: google, googleCSE, bing, bingapi, pgp, linkedin, google-profiles, jigsaw, twitter, googleplus, all)
-f : Specifies an output file for the found results. This file will be saved in the current directory from your terminal, unless specified otherwise, in the HTML format.
** For more information, check out the extra links and sources. **