From 7bd8f47b7f1f26090f353ee307948016bd604f5e Mon Sep 17 00:00:00 2001 From: Lee Baird Date: Tue, 1 Jan 2019 16:40:40 -0600 Subject: [PATCH 1/3] Updated README and alphabetized. --- .gitignore | 4 ++-- README.md | 14 +++++++------- lib/core.py | 13 ++++++------- theHarvester.py | 2 +- 4 files changed, 16 insertions(+), 17 deletions(-) diff --git a/.gitignore b/.gitignore index f19cee3b..830be271 100644 --- a/.gitignore +++ b/.gitignore @@ -4,8 +4,8 @@ .html .vscode .xml +debug_results.txt +discovery/constants.py stash.sqlite tests/myparser.py venv -debug_results.txt -discovery/constants.py diff --git a/README.md b/README.md index 5a377ae6..095967af 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | * * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| * * * -* theHarvester 3.0.6 v111 * +* theHarvester 3.0.6 v137 * * Coded by Christian Martorella * * Edge-Security Research * * cmartorella@edge-security.com * @@ -15,10 +15,10 @@ What is this? ------------- -theHarvester is a very simple, yet effective tool designed to be used in the early stages
-of a penetration test. Use it for open source intelligence gathering and helping to determine
-a company's external threat landscape on the internet. It gathers names, emails, subdomains,
-and virtual hosts using multiple public data sources that include: +theHarvester is a very simple, yet effective tool designed to be used in the early
+stages of a penetration test. Use it for open source intelligence gathering and helping
+to determine a company's external threat landscape on the internet. The tool gathers
+emails, subdomains, IPs, and URLs using multiple public data sources that include: Passive: -------- @@ -89,8 +89,8 @@ Add your keys to discovery/constants.py Dependencies: ------------- -* Do ```pip3 install -r requirements.txt``` -* Pip3 requires Python3 +* Python 3.6 +* pip3 install -r requirements.txt Changelog in 3.0: ----------------- diff --git a/lib/core.py b/lib/core.py index 793139e4..6bb7dcea 100644 --- a/lib/core.py +++ b/lib/core.py @@ -13,7 +13,7 @@ def banner(): print("* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *") print("* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *") print("* *") - print("* theHarvester 3.0.6 v111 *") + print("* theHarvester 3.0.6 v137 *") print("* Coded by Christian Martorella *") print("* Edge-Security Research *") print("* cmartorella@edge-security.com *") @@ -28,10 +28,11 @@ def usage(): print("Usage: theHarvester.py \n") print(" -d: company name or domain to search") - print(""" -b: source: baidu, bing, bingapi, censys, crtsh, cymon, dogpile, google, - googleCSE, google-certificates, google-profiles, - hunter, linkedin, netcraft, pgp, securityTrails, threatcrowd, - trello, twitter, vhost, virustotal, yahoo, all""") + print(""" -b: source: baidu, bing, bingapi, censys, crtsh, cymon, dogpile, + google, googleCSE, google-certificates, google-profiles, + hunter, linkedin, netcraft, pgp, securityTrails, threatcrowd, + trello, twitter, vhost, virustotal, yahoo, all""") + print(" -l: limit the number of search results") print(" -g: use Google Dorking instead of normal Google search") print(" -s: start with result number X (default: 0)") print(" -v: verify host name via DNS resolution and search for virtual hosts") @@ -41,8 +42,6 @@ def usage(): print(" -t: perform a DNS TLD expansion discovery") print(" -e: specify DNS server") print(" -p: port scan the detected hosts and check for Takeovers (21,22,80,443,8080)") - print(" -l: limit the number of results (Bing goes from 50 to 50 results,") - print(" Google 100 to 100, and PGP doesn't use this option)") print(" -h: use Shodan to query discovered hosts") print("\nExamples:") print((" " + comm + " -d acme.com -l 500 -b google -f myresults.html")) diff --git a/theHarvester.py b/theHarvester.py index 5340e78e..e4a48dcb 100755 --- a/theHarvester.py +++ b/theHarvester.py @@ -1,9 +1,9 @@ #!/usr/bin/env python +import datetime import getopt import re import stash -import datetime from discovery import * from discovery.constants import * from lib.core import * From b02e7e2151c56c0a8633ee28d8b2d87d73d22e02 Mon Sep 17 00:00:00 2001 From: Lee Baird Date: Tue, 1 Jan 2019 20:08:05 -0600 Subject: [PATCH 2/3] Added back names. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 095967af..1a7e39f8 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ What is this? theHarvester is a very simple, yet effective tool designed to be used in the early
stages of a penetration test. Use it for open source intelligence gathering and helping
to determine a company's external threat landscape on the internet. The tool gathers
-emails, subdomains, IPs, and URLs using multiple public data sources that include: +emails, names, subdomains, IPs, and URLs using multiple public data sources that include: Passive: -------- From beb88e2be413cb2b78228036a08ee9fd5111b69d Mon Sep 17 00:00:00 2001 From: Lee Baird Date: Tue, 1 Jan 2019 20:43:42 -0600 Subject: [PATCH 3/3] Added new module. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 1a7e39f8..b85915a8 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,8 @@ Passive: * dogpile: Dogpile search engine - www.dogpile.com +* duckduckgo: + * google: Google search engine (Optional Google dorking.) - www.google.com * googleCSE: Google custom search engine