Here in this video tutorial I have shown you guys how to extract email addresses from a websiteSteps and instructions -
But wait, what is this e-mail extraction ???
This harvesting method is used to get email addresses from a target website.
But why the hell would you do that ???
This information can be used to attack with phishing or any other method.
Just imagine if you get hundreds of email addresses from the target and send them some payloads or do phishing. The whole organization can be hacked from any one of the email addresses.
Lets do it -
* Kali Linux
* A target
We will be using Metasploit Framework for this.
Metasploit is the mother and father of all hacking frameworks.
Used by almost all white hats and some epic black hats.
1. Run metasploit.
Open your terminal and say "msfconsole"
This will fire up the Metasploit.
2. You will get the msfconsole.
Type in "use auxiliary/gather/search_email_collector" to use the auxiliary
3. You can explore more about options by typing "options"
Here only the DOMAIN option is needed to be set. If you want to save the results in file, you can do that too. For now its just the DOMAIN. Other options are default.
4. Set DOMAIN.
You need to type in "set DOMAIN microsoft.com"
The last time I extracted some 12 or more emails from microsoft. Lets see if we get few today....
The final step is to run it.
5. Type "run"
and wait for the results
There you go. It searched by google, bing and yahoo for the email addresses.
We got two email addresses. If we had a weak target, we could have got a big list.
I have made a set of Metasploit Tutorials from the beginning, you can get them here
You may want to read my other tutorials -