Reworking hunter search engine into theHarvester.py to work properly.

2025-02-24 22:42:56 +08:00 · 2018-11-04 19:15:07 -05:00 · 2018-11-04 19:15:07 -05:00 · 73642b5843
commit 73642b5843
parent 7c757ce510
4 changed files with 60 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -62,7 +62,7 @@ The sources are:

 * shodan: Shodan Computer search engine, will search for ports and banner of the
         discovered hosts  (http://www.shodanhq.com/)
-
+* hunter: Hunter search engine

 Active:
 -------
@ -76,7 +76,7 @@ Modules that need API keys to work:
 * googleCSE: You need to create a Google Custom Search engine(CSE), and add your
 Google API key and CSE ID in the plugin (discovery/googleCSE.py)
 * shodan: You need to provide your API key in discovery/shodansearch.py (one provided at the moment)
-
+* hunter: You need to provide your API key and run it as -u APIkey 

 Dependencies:
 ------------
--- a/discovery/googlesearch.py
+++ b/discovery/googlesearch.py
@ -93,7 +93,7 @@ def process(self,google_dorking):
    def process_profiles(self):
        while self.counter < self.limit:
            self.do_search_profiles()
-            time.sleep(0.3)
+            time.sleep(0.2)
            self.counter += 100
            print "\tSearching " + str(self.counter) + " results..."

@ -146,7 +146,7 @@ def send_dork(self, start, end): # helper function to minimize code reusability
            try:
                link = self.links[i] # get link from dork list
                req = requests.get(link, params=params)
-                time.sleep(.3)  # sleep for a short time
+                time.sleep(.2)  # sleep for a short time
                self.results = req.content
                self.totalresults += self.results
            except:
--- a/discovery/huntersearch.py
+++ b/discovery/huntersearch.py
@ -0,0 +1,43 @@
+import myparser
+import time
+import requests
+
+class search_hunter:
+
+    def __init__(self, word, limit, start,key):
+        self.word = word
+        self.limit = limit
+        self.start = start
+        self.key = key
+        self.results = ""
+        self.totalresults = ""
+        self.counter = start
+        self.database = "https://api.hunter.io/v2/domain-search?domain=" + word + "&api_key=" + key
+
+    def do_search(self):
+        print 'conducting search'
+        try:
+            r = requests.get(self.database)
+        except Exception,e:
+            print e
+        self.results = r.content
+        self.totalresults += self.results
+
+    def process(self):
+        while self.counter <= self.limit and self.counter <= 1000:
+            self.do_search()
+            time.sleep(1)
+            print "\tSearching " + str(self.counter) + " results..."
+            self.counter += 100
+
+    def get_emails(self):
+        rawres = myparser.parser(self.totalresults, self.word)
+        return rawres.emails()
+
+    def get_hostnames(self):
+        rawres = myparser.parser(self.totalresults, self.word)
+        return rawres.hostnames()
+
+    def get_profiles(self):
+        rawres = myparser.parser(self.totalresults, self.word)
+        return rawres.profiles()
--- a/theHarvester.py
+++ b/theHarvester.py
@ -58,11 +58,12 @@ def usage():
    print "       -l: limit the number of results to work with(bing goes from 50 to 50 results,"
    print "            google 100 to 100, and pgp doesn't use this option)"
    print "       -h: use SHODAN database to query discovered hosts"
+    print "       -u: use hunter database to query discovered hosts, requires api key"
    print "\nExamples:"
    print "        " + comm + " -d microsoft.com -l 500 -b google -h myresults.html"
    print "        " + comm + " -d microsoft.com -b pgp"
    print "        " + comm + " -d microsoft -l 200 -b linkedin"
-    print "        " + comm + " -d microsoft.com -l 200 -b google -g"
+    print "        " + comm + " -d microsoft.com -l 200 -g -b google"
    print "        " + comm + " -d apple.com -b googleCSE -l 500 -s 300\n"


@ -71,7 +72,7 @@ def start(argv):
        usage()
        sys.exit()
    try:
-        opts, args = getopt.getopt(argv, "l:d:b:s:vf:nhcgpte:")
+        opts, args = getopt.getopt(argv, "l:d:b:s:u:vf:nhcgpte:")
    except getopt.GetoptError:
        usage()
        sys.exit()
@ -88,6 +89,7 @@ def start(argv):
    dnsbrute = False
    dnstld = False
    shodan = False
+    hunter = []
    vhost = []
    virtual = False
    ports_scanning = False
@ -114,6 +116,14 @@ def start(argv):
            dnsbrute = True
        elif opt == '-h':
            shodan = True
+        elif opt == '-u':
+            hunter.append(True)
+            if len(arg) < 3:
+                #user did not enter key
+                usage()
+                sys.exit()
+            else:
+                hunter.append(arg)
        elif opt == '-e':
            dnsserver = arg
        elif opt == '-p':
@ -122,7 +132,7 @@ def start(argv):
            dnstld = True
        elif opt == '-b':
            engines = set(arg.split(','))
-            supportedengines = set(["baidu","bing","crtsh","bingapi","dogpile","google","googleCSE","virustotal","threatcrowd","googleplus","google-profiles","linkedin","pgp","twitter","vhost","yahoo","netcraft","all"])
+            supportedengines = set(["baidu","bing","crtsh","bingapi","dogpile","google","googleCSE","virustotal","threatcrowd","googleplus","google-profiles","linkedin","pgp","twitter","vhost","yahoo","netcraft","hunter","all"])
            if set(engines).issubset(supportedengines):
                print "found supported engines"
                print "[-] Starting harvesting process for domain: " + word +  "\n"