As the name suggests, theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources. It is a powerful tool that uses over 24 public sources to gather information, including:
- Baidu
- Censys
and more, such as Yahoo.
The tool has a very basic port scanner, so basic that it just uses normal Python sockets to determine open ports; it is not as advanced as nmap.
The design of this tool makes it very suitable for system admin work. It has lots of modules, and these modules are based on its public source engines.
Installing theHarvester
Clone the repository from https://github.com/laramies/theHarvester, then install virtualenv:
sudo apt-get install python3-pip
sudo pip3 install virtualenv
virtualenv theharvestertool
After activating the virtualenv you just created, go to where you cloned the repository and run:
python3 setup.py install
Now you are ready to use theHarvester as a module to perform automation.
import theHarvester
from theHarvester.discovery import baidusearch
from theHarvester.discovery import bingsearch
from theHarvester.discovery import dnsdumpster
from theHarvester.discovery import googlesearch
#....and more....
# or
# from theHarvester.discovery import *
baidu = baidusearch.SearchBaidu("nmmapper.com", 100)
baidu.do_search()
# Each discovery engine has its own methods;
# not all have get_emails
emails = baidu.get_emails()
hostnames = baidu.get_hostnames()
That is how simple the tool is. And I guess that's how they integrated it here: theHarvester Hosted online
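Because each discovery engine has its own methods and not all have get_emails, an admin auditing their own domain's public exposure needs a wrapper that tolerates missing getters and drops out-of-scope results. The following is an added example, not code from theHarvester or the original post: collect(), in_scope() and the Fake* classes are hypothetical names, the Fake* data is constructed so the block runs offline, and it assumes the synchronous do_search()/get_emails()/get_hostnames() interface shown above.

```python
# Added example: merge results from several theHarvester-style engines.
# With theHarvester installed you would pass real engine objects instead,
# e.g. baidusearch.SearchBaidu(domain, 100), as in the snippet above.

def in_scope(name, domain):
    """True if name is the domain itself or a subdomain of it."""
    name = name.lower().rstrip(".")
    return name == domain or name.endswith("." + domain)

def collect(engines, domain):
    """Run each engine; return deduplicated, in-scope emails and hostnames."""
    domain = domain.lower()
    emails, hostnames, errors = set(), set(), {}
    for engine in engines:
        label = type(engine).__name__
        try:
            engine.do_search()
        except Exception as exc:  # one failing source should not stop the audit
            errors[label] = str(exc)
            continue
        # Not every engine exposes get_emails(); a missing getter means "no data".
        for getter, bucket in (("get_emails", emails), ("get_hostnames", hostnames)):
            method = getattr(engine, getter, None)
            if method is None:
                continue
            for item in method() or []:
                item = item.strip().lower().rstrip(".")
                host = item.rsplit("@", 1)[-1]  # the host part of an e-mail address
                if in_scope(host, domain):      # rejects look-alikes such as evil-example.com
                    bucket.add(item)
    return sorted(emails), sorted(hostnames), errors

class FakeBaidu:  # constructed stand-in with constructed sample data
    def do_search(self): pass
    def get_emails(self): return ["Admin@example.com", "x@evil-example.com"]
    def get_hostnames(self): return ["www.example.com", "WWW.example.com."]

class FakeDns:  # constructed stand-in for an engine without get_emails()
    def do_search(self): pass
    def get_hostnames(self): return ["mail.example.com", "notexample.com"]

class FakeBroken:  # constructed stand-in for a source that errors out
    def do_search(self): raise RuntimeError("rate limited")

if __name__ == "__main__":
    print(collect([FakeBaidu(), FakeDns(), FakeBroken()], "example.com"))
```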