Using Backtrack 4: Information Gathering: TheHarvester

TheHarvester

Purpose:

Finding hosts and thus subdomains, as well as account names and email addresses.

Discussion:

Warming up your penetration test? Then you’re looking for these hosts, accounts and email addresses. Of course these list exactly your initial targets, and if you’re hooking for a particular person their account name is a plum to find. For instance.

Opening Screen:

*************************************
*TheHarvester Ver. 1.6             *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*cmartorella@edge-security.com      *
*************************************

Usage: theharvester options

-d: domain to search or company name
-b: data source (google,bing,pgp,linkedin)
-s: start in result number X (default 0)
-v: verify host name via dns resolution
-l: limit the number of results to work with(bing goes from 50 to 50 results,
google 100 to 100, and pgp does’nt use this option)

Examples:./theharvester.py -d microsoft.com -l 500 -b google
./theharvester.py -d microsoft.com -b pgp
./theharvester.py -d microsoft -l 200 -b linkedin

Stage:

Information gathering

Home Page:

http://www.edge-security.com
This is one of several tools from Edge-Security. Get to know them.

Tutorial:

http://www.edge-security.com/theHarvester.php