Using theHarvester to automate hacks in Python scripts

As the name suggests, theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/banners, and employee names from different public sources. It is a powerful tool that uses over 24 public sources to gather information. These sources include:

  • Baidu
  • Google
  • Censys

and more, such as Yahoo.
The tool also has a very basic port scanner: it just uses normal Python sockets to determine open ports, and is not as advanced as nmap.

The design of this tool makes it very suitable for system admin work. It has lots of modules, and these modules are based on its public source engines.

Installing theHarvester

Clone the repository from https://github.com/laramies/theHarvester, then install virtualenv:

sudo apt-get install python3-pip

sudo pip3 install virtualenv

virtualenv theharvestertool

After activating the virtual env you just created, go to where you cloned the repository and run:

python3 setup.py install

Now you are ready to use theHarvester as a module to perform automation:

import theHarvester

from theHarvester.discovery import baidusearch
from theHarvester.discovery import bingsearch
from theHarvester.discovery import dnsdumpster
from theHarvester.discovery import googlesearch
#....and more....
# or
# from theHarvester.discovery import *
baidu = baidusearch.SearchBaidu("nmmapper.com", 100)
baidu.do_search()

# Each discovery engine has its own methods;
# not all of them have get_emails

emails = baidu.get_emails()
hostnames = baidu.get_hostnames()

That is how simple that tool is. And I guess that’s how they did integrate it here: theHarvester Hosted online

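Because not every discovery engine has get_emails, a script that audits your own domain's public footprint across several engines has to probe for each getter and keep going when a source fails. The following is an added example, not code from the post or from theHarvester: collect, StubEngine and the example.com data are constructed stand-ins, and it assumes only the do_search / get_emails / get_hostnames methods shown above, so real objects such as baidusearch.SearchBaidu(...) can be passed in the same dict.

```python
# Added example: merge results from several theHarvester-style engines.
# Engines are duck-typed; the Stub* classes are constructed sample data so
# the block runs offline without theHarvester installed.

def collect(engines, domain):
    """Run each engine; return (emails, hostnames, skipped) scoped to domain."""
    domain = domain.lower().rstrip(".")
    emails, hosts, skipped = set(), set(), []
    for name, engine in engines.items():
        try:
            engine.do_search()
        except Exception as exc:  # one failing source must not stop the run
            skipped.append((name, repr(exc)))
            continue
        # Not every engine implements both getters, so probe for each one.
        for getter, bucket in (("get_emails", emails), ("get_hostnames", hosts)):
            method = getattr(engine, getter, None)
            if method is None:
                continue
            for value in method() or []:
                value = value.strip().lower().rstrip(".")
                host = value.rsplit("@", 1)[-1]
                # Keep only the audited domain and its subdomains.
                if host == domain or host.endswith("." + domain):
                    bucket.add(value)
    return sorted(emails), sorted(hosts), skipped

class StubEngine:
    """Constructed stand-in for an engine that has no get_emails."""
    def __init__(self, emails=None, hostnames=None, fail=False):
        self._emails, self._hostnames, self._fail = emails, hostnames, fail
    def do_search(self):
        if self._fail:
            raise ConnectionError("source unreachable")
    def get_hostnames(self):
        return self._hostnames or []

class StubEngineWithEmails(StubEngine):
    def get_emails(self):
        return self._emails or []

SAMPLE = {  # constructed data, not real search results
    "baidu": StubEngineWithEmails(["Admin@Example.com", "x@other.org"],
                                  ["www.example.com", "WWW.example.com."]),
    "dnsdumpster": StubEngine(hostnames=["mail.example.com", "notexample.com"]),
    "down": StubEngine(fail=True),
}

if __name__ == "__main__":
    print(collect(SAMPLE, "example.com"))
```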