Information is a weapon, a successful penetration testing and a hacking process need a lots of relevant information that is why, information gathering so called foot printing is the first step of hacking. An intelligent penetration tester use some intelligent tools and techniques to get the right information on a right time, for social engineering (human hacking) you need relevant information about a person. So the point of this little discussion is to realize the importance of information gathering.
What Is TheHarvester
After getting some knowledge about information gathering you might be interested to know how to perform it. TheHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key servers. This tools has designed to help the penetration tester on a earlier stage, it is an effective and simple tool that is very easy to use.
Supported Sources for Information Gathering
Google – emails,subdomains/hostnames
Google profiles – Employee names
Bing search – emails, subdomains/hostnames,virtual hosts
Pgp servers – emails, subdomains/hostnames
Linkedin – Employee names
- Exalead – emails,subdomain/hostnames
Related Information Gathering Tutorials
Foot-printing or information gathering is not a new term and we have discussed so many articles with different tools and techniques before for both Windows and Linux (Ubuntu, Backtrack), here is the comprehensive list of articles.
If you are using backtrack 5 and other versions of backtrack than you not need to download and run harvester because it is available on backtrack, while for other Linux distributions like ubuntu download and install it. However you can use Theharvester for other Operating system because it need python to run.If you are using Blackbuntu than theharvester available on it.
Theharvester is a very easy tool to use just follow the tutorial to get the best result. For backtrack open terminal and locate the directory.
For other distributions locate the directory. For best result I use the command
[email protected]:/pentest/enumeration/theharvester# ./theHarvester.py -d google.com -l 500 -b google
[email protected]:/pentest/enumeration/theharvester# ./theHarvester.py -d targetsite.com -l 500 -b google
So here is the result with complete details.
I hope you are enjoying the reading, now use the wonderful tool by yourself and if you have any question ask via comment box.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.