theHarvester

mirror of https://github.com/laramies/theHarvester.git synced 2024-09-22 00:06:30 +08:00

E-mails, subdomains and names Harvester - OSINT

blueteam discovery emails information-gathering osint python recon reconnaissance redteam starred-laramies-repo starred-repo subdomain-enumeration

Go to file

J.Townsend 1821ce48a1 Merge pull request #313 from noraj/patch-1 add missing dependency		2019-10-02 23:49:23 +01:00
.github	Update CI for otx and Intelx	2019-09-25 21:31:31 +01:00
tests	Fixed test in test_otx and fixed pep8 error in main.py	2019-09-25 15:17:24 -04:00
theHarvester	Fix reference before assignment when no source is specified.	2019-09-29 13:13:30 +02:00
wordlists	Syncing and updated crtsh to work properly.	2019-08-08 00:27:42 -04:00
.gitattributes	Removed google-profiles and clean up.	2019-02-13 23:05:52 -06:00
.gitignore	Removing old reporting code	2019-09-11 23:53:43 +02:00
.lgtm.yml	Make sure we set lgtm.yml to use python3	2019-09-22 22:24:22 +01:00
.travis.yml	Update CI for otx and Intelx	2019-09-25 21:31:31 +01:00
api-keys.yaml	Syncing and updated crtsh to work properly.	2019-08-08 00:27:42 -04:00
CONTRIBUTING.md	Move contributing to the correct place and file name convention	2019-09-08 00:55:09 +01:00
COPYING	Fix line endings.	2019-02-04 13:48:29 +01:00
Dockerfile	Update dockerfile to use the kalilinux image	2019-09-25 00:35:14 +01:00
LICENSES	Fix line endings.	2019-02-04 13:48:29 +01:00
mypy.ini	More ci and docs update	2019-09-07 13:31:53 +01:00
README.md	Update README.md	2019-09-25 23:12:24 +01:00
requirements.txt	add missing dependency	2019-10-02 23:45:41 +02:00
setup.cfg	flake8 changes/ lgtm fixes	2019-09-12 22:27:03 +01:00
setup.py	Travis fixes/flake8 fixes	2019-09-01 01:27:13 +01:00
theHarvester-logo.png	Update theHarvester-logo.png	2019-09-10 23:14:45 +02:00
theHarvester.py	Solve issue #259	2019-07-03 12:44:22 +02:00

README.md

What is this?

theHarvester is a very simple, yet effective tool designed to be used in the early
stages of a penetration test. Use it for open source intelligence gathering and
helping to determine a company's external threat landscape on the internet. The
tool gathers emails, names, subdomains, IPs, and URLs using multiple public data
sources that include:

Passive:

baidu: Baidu search engine - www.baidu.com
bing: Microsoft search engine - www.bing.com
bingapi: Microsoft search engine, through the API (Requires API key, see below.)
censys: Censys.io search engine - www.censys.io
crtsh: Comodo Certificate search - www.crt.sh
dnsdumpster: DNSdumpster search engine - dnsdumpster.com
dogpile: Dogpile search engine - www.dogpile.com
duckduckgo: DuckDuckGo search engine - www.duckduckgo.com
Exalead: a Meta search engine - https://www.exalead.com/search
github-code: Github code search engine (Requires Github Personal Access Token, see below.) - www.github.com
google: Google search engine (Optional Google dorking.) - www.google.com
hunter: Hunter search engine (Requires API key, see below.) - www.hunter.io
intelx: Intelx search engine (Requires API key, see below.) - www.intelx.io
linkedin: Google search engine, specific search for Linkedin users - www.linkedin.com
netcraft: Netcraft Data Mining - www.netcraft.com
otx: AlienVault Open Threat Exchange - https://otx.alienvault.com
securityTrails: Security Trails search engine, the world's largest repository
of historical DNS data (Requires API key, see below.) - www.securitytrails.com
shodan: Shodan search engine, will search for ports and banners from discovered
hosts - www.shodanhq.com
threatcrowd: Open source threat intelligence - www.threatcrowd.org
trello: Search trello boards (Uses Google search.)
twitter: Twitter accounts related to a specific domain (Uses Google search.)
vhost: Bing virtual hosts search
virustotal: virustotal.com domain search
yahoo: Yahoo search engine