The Harvester
OSINT Tool for Domain and Email Discovery
Introduction
theHarvester is an open-source OSINT (Open-Source Intelligence) tool designed to gather information about domains, emails, subdomains, IP addresses, and URLs associated with a target. It leverages public sources like search engines, APIs, and databases for reconnaissance.
Features
- Aggregates data from search engines, DNS records, and threat intelligence platforms.
- Supports integration with Shodan, VirusTotal, DNSdumpster, and CertSpotter.
- Generates detailed reports in multiple formats (TXT, XML, JSON).
- Lightweight and optimized for penetration testing and security audits.
Installation
- Install via pacman:
sudo pacman -S theHarvester
Install Verification
Check the version to confirm installation:
theHarvester -h | head -n 1
Uninstall
sudo pacman -R theHarvester
Usage
Basic Syntax
theHarvester -d <domain> -b <sources>
Example: Harvest Emails and Subdomains
theHarvester -d example.com -b google,shodan
Key Options
| Option | Description |
|—————–|———————————————-|
| -d <domain> | Target domain (e.g., example.com). |
| -b <sources> | Comma-separated list of sources (e.g., google,bing). |
| -l <limit> | Maximum number of results to retrieve. |
| -f <file> | Save output to a file (e.g., report.txt). |
| -h | Display help menu. |
Supported Sources
- Search Engines: Google, Bing, Yahoo
- APIs: Shodan, VirusTotal, DNSdumpster, CertSpotter
- Others: Netcraft, SecurityTrails, CRT.SH
Example Workflow
Find Subdomains and Emails
theHarvester -d target.com -b google,bing,shodan -l 500 -f results.txt
Analyze Results with VirusTotal
theHarvester -d malicious-domain.com -b virustotal
Official Documentation & More Info
Contributing
- Fork the repository.
- Create a feature branch (
git checkout -b feature/your-changes). - Submit a pull request via GitHub.
Support
- Report issues on GitHub.
- Join the community discussions in the repository’s Discussions tab.
License
theHarvester is released under the GPLv2 License.