Merge pull request #147 from leebaird/master

Updated README and alphabetized.
Christian Martorella 2019-01-04 23:37:23 +01:00 committed by GitHub
commit 1a983c6ea1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 18 additions and 17 deletions

4
.gitignore vendored

@ -4,8 +4,8 @@
.html .html
.vscode .vscode
.xml .xml
debug_results.txt
discovery/constants.py
stash.sqlite stash.sqlite
tests/myparser.py tests/myparser.py
venv venv
debug_results.txt
discovery/constants.py
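Review bot: The `discovery/constants.py` entry only keeps an untracked copy out of commits, and nothing on this page shows whether the file is tracked. The README hunk header says "Add your keys to discovery/constants.py", and the last file section on this page does `from discovery.constants import *`, which suggests the file ships with the repository. If it is tracked, git keeps recording edits to it, and an API key typed into it can be committed despite this entry. Consider tracking a template with empty values and ignoring only the local copy, with a comment above the entry such as `# local API keys - never commit`.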


@ -6,7 +6,7 @@
* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | * * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| * * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* * * *
* theHarvester 3.0.6 v111 * * theHarvester 3.0.6 v137 *
* Coded by Christian Martorella * * Coded by Christian Martorella *
* Edge-Security Research * * Edge-Security Research *
* cmartorella@edge-security.com * * cmartorella@edge-security.com *
@ -15,10 +15,10 @@
What is this? What is this?
------------- -------------
theHarvester is a very simple, yet effective tool designed to be used in the early stages<br> theHarvester is a very simple, yet effective tool designed to be used in the early<br>
of a penetration test. Use it for open source intelligence gathering and helping to determine<br> stages of a penetration test. Use it for open source intelligence gathering and helping<br>
a company's external threat landscape on the internet. It gathers names, emails, subdomains,<br> to determine a company's external threat landscape on the internet. The tool gathers<br>
and virtual hosts using multiple public data sources that include: emails, names, subdomains, IPs, and URLs using multiple public data sources that include:
Passive: Passive:
-------- --------
@ -36,6 +36,8 @@ Passive:
* dogpile: Dogpile search engine - www.dogpile.com * dogpile: Dogpile search engine - www.dogpile.com
* duckduckgo:
* google: Google search engine (Optional Google dorking.) - www.google.com * google: Google search engine (Optional Google dorking.) - www.google.com
* googleCSE: Google custom search engine * googleCSE: Google custom search engine
@ -89,8 +91,8 @@ Add your keys to discovery/constants.py
Dependencies: Dependencies:
------------- -------------
* Do ```pip3 install -r requirements.txt``` * Python 3.6
* Pip3 requires Python3 * pip3 install -r requirements.txt
Changelog in 3.0: Changelog in 3.0:
----------------- -----------------


@ -13,7 +13,7 @@ def banner():
print("* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *") print("* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *")
print("* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *") print("* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *")
print("* *") print("* *")
print("* theHarvester 3.0.6 v111 *") print("* theHarvester 3.0.6 v137 *")
print("* Coded by Christian Martorella *") print("* Coded by Christian Martorella *")
print("* Edge-Security Research *") print("* Edge-Security Research *")
print("* cmartorella@edge-security.com *") print("* cmartorella@edge-security.com *")
@ -28,10 +28,11 @@ def usage():
print("Usage: theHarvester.py <options> \n") print("Usage: theHarvester.py <options> \n")
print(" -d: company name or domain to search") print(" -d: company name or domain to search")
print(""" -b: source: baidu, bing, bingapi, censys, crtsh, cymon, dogpile, google, print(""" -b: source: baidu, bing, bingapi, censys, crtsh, cymon, dogpile,
googleCSE, google-certificates, google-profiles, google, googleCSE, google-certificates, google-profiles,
hunter, linkedin, netcraft, pgp, securityTrails, threatcrowd, hunter, linkedin, netcraft, pgp, securityTrails, threatcrowd,
trello, twitter, vhost, virustotal, yahoo, all""") trello, twitter, vhost, virustotal, yahoo, all""")
print(" -l: limit the number of search results")
print(" -g: use Google Dorking instead of normal Google search") print(" -g: use Google Dorking instead of normal Google search")
print(" -s: start with result number X (default: 0)") print(" -s: start with result number X (default: 0)")
print(" -v: verify host name via DNS resolution and search for virtual hosts") print(" -v: verify host name via DNS resolution and search for virtual hosts")
@ -41,8 +42,6 @@ def usage():
print(" -t: perform a DNS TLD expansion discovery") print(" -t: perform a DNS TLD expansion discovery")
print(" -e: specify DNS server") print(" -e: specify DNS server")
print(" -p: port scan the detected hosts and check for Takeovers (21,22,80,443,8080)") print(" -p: port scan the detected hosts and check for Takeovers (21,22,80,443,8080)")
print(" -l: limit the number of results (Bing goes from 50 to 50 results,")
print(" Google 100 to 100, and PGP doesn't use this option)")
print(" -h: use Shodan to query discovered hosts") print(" -h: use Shodan to query discovered hosts")
print("\nExamples:") print("\nExamples:")
print((" " + comm + " -d acme.com -l 500 -b google -f myresults.html")) print((" " + comm + " -d acme.com -l 500 -b google -f myresults.html"))
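Review bot: The help text in usage() lists `-p` (port scan of the detected hosts) next to the search-engine sources without saying that it connects to the target's own hosts, and `-v` and `-t` may likewise send DNS queries towards the target's name servers. The README separates passive sources under their own heading, so the help could mark these options the same way, for example by ending the `-p` line with `[active: connects to discovered hosts]`. That lets an operator keep a run passive when the engagement scope requires it. The shortened `-l` line also drops the caveat that PGP does not use the limit; appending `(not used by pgp)` would keep it. usage() starts and ends outside these hunks.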


@ -1,9 +1,9 @@
#!/usr/bin/env python #!/usr/bin/env python
import datetime
import getopt import getopt
import re import re
import stash import stash
import datetime
from discovery import * from discovery import *
from discovery.constants import * from discovery.constants import *
from lib.core import * from lib.core import *