Jigsaw Pentest Kali Linux Tutorial

Kali Linux is an advancement in Backtrack distribution, after backtrack 5 we have Kali Linux as a backtrack 6. But the team has changed series of penetration testing distribution so it is called Kali rather than backtrack 6. It is more stable, secure and it has the largest number of ethical hacking tools already installed. There are so many other advantages along with disadvantages but it is not the topic of consideration, in this article I will discuss the practical usage of a tool called Jigsaw pentest.

The installation of Kali Linux is very easy and all of the possible installation techniques of pentest Linux distribution have already been discussed on Backtrack 5 category. So I am not supposed to get  questions like: How to install Kali Linux and how to make bootable USB for Kali installation ? and so on. The requirement of this article is that you have already installed and configure Kali on your computer.

This article is a small demonstration of a tool which is already available on Kali, so you need not to worry about any installation. You might have heard about Jigsaw, it is an online business directory or database by SalesForce, It contains information of the business professionals along with their email address. Email harvesting is an important aspect of information security, so let suppose while doing a penetration testing you need to find out some information of an organization. By applying social engineering technique on an employee of this organization, you may get what is required. Jigsaw is very helpful in this scenario because it can give the personal information of an employee along with some organizational information.    


Email Harvesting by Using Jigsaw in Kali Linux

Jigsaw is a simple ruby script that can search on jigsaw.com for an employee record, on your Linux locate:

Applications –> Kali Linux –> Information Gathering –> OSINT Analysis –> Jigsaw

    example: jigsaw -s Google

    -i, –id [Jigsaw Company ID]     The Jigsaw ID to use to pull records
    -s, –search [Company Name]      Name of organization to search for
    -r, –report [Output Filename]   Name to use for report EXAMPLE: ‘-r google’ will generate ‘google.csv’
    -d, –domain [Domain Name]       If you want you can specify the domain name to craft emails with
    -v, –verbose                    Enables verbose output
    -u, –username [Email Address]   Your Jigsaw Username, which is your email
    -p, –password [Password]        Your Jigsaw Password


You can create a free account on Jigsaw.com so that the tool can extract information. The usage is very simple as mentioned above, an example of the usage is as follows:

There are many tools are available for Email Harvesting but it is unique because it can extract information from Jigsaw.com rather than finding an email on Google. Share your experiences regarding the tool.


Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...