11th Day of Christmas: theHarvester

On the 11th Day of Christmas, Div0 gave to me ... theHarvester, nmap Scripting Engine (NSE), msfvenom, searchsploit, urlcrazy, recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identification, Password Mutation Using JTR, and Custom Word List Generator (CeWL).

Written by Christian Martorella from Edge Security, theharvester is a tool (written in Python) that can help penetration testers understand their target’s footprint on the Internet. It does so by gathering emails, subdomains, hosts, employee names, open ports and banners from different public sources such as search engines, PGP key servers and the Shodan database.

theharverster is available preinstalled on Kali Linux.

Using theHarvester to gather information about edgis-security.org:

theHarvester can also be acquired via GitHub: https://github.com/laramies/theHarvester.

git clone git://github/laramies/theHarvester.git

As theHarvester uses public sources, it is important to always use the latest version for effective results.

Shared by Emil Tan, Skipper & Co-Founder of Div0.