Saturday, 1 October 2016

How to use ‘theharvester’

How to use ‘theharvester’ –

‘Theharvester’ is a tool in Kali Linux used for information gathering.


                 As pen testers we all know that it is very
important to gain information of the target before we exploit it. All hackers including black hats take 90% of the time to gain
information of the target where other 10% is just to attack. So it is really important to get more information of the target like e-mail addresses, subdomains and host names.

For the purpose of this, the offensive security has given theharvester in kali linux. The tool is designed in python by Christian Martorella.

The sources supported are –

Google – emails, subdomains
Google profiles – Employee names
Bing search – emails, subdomains/hostnames, virtual hosts
Pgp servers – emails, subdomains/hostnames
LinkedIn – Employee names
Exalead – emails, subdomain/hostnames

It has new features like –

* Time delay between requests.

* XML results exporting.

To use this tool –
1.          Open kali terminal
2.          Type in – theharvester


This will show the usage for your knowledge purpose





        There are two methods you can use- 
1) with google.
                   2) with all.

1)We can try in google search –

Type in – theharvester –d ( target url ) –l 300 –b ( serach engine name )

Ie –

Type in – theharvester –d ( kali.org ) –l 300 –b ( google )





2) For all information we use all searches.


Type in – theharvester –d ( kali.org ) –l 300 –b all


We can save the reports in html.

Use the command

theharvester –d ( kali.org ) –l 300 –b google –f (file name)

ie-

theharvester –d ( kali.org ) –l 300 –b google –f reports

        The reports will be saved in Home  tab.














Theharvester is very easy tool to use. Thank you for reading this article.

No comments:

Post a Comment