How to use TheHarvester?

How to use TheHarvester? | Information Gathering Tutorial

The information gathering steps of  foot printing  and scanning are the most importance before hacking. My Goal is not encouraging you to use this tool for hacking purposes if your company like get news business this tool will really helpful to gathering the information about your client.

Author: Ranjitkumar 

TheHarvester has been developed in Python by Christian Martorella. It is a tool which provides us information of about e-mail accounts, user names and hostnames/subdomains from different public Data sources like search engines (google, googleCSE, bing, bingapi, pgp,linkedin, google-profiles, people123, jigsaw,twitter, googleplus, all).
This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.

TheHarvester supported are:-

  • Time delays between request
  • All sources search
  • Virtual host verifier
  • Active enumeration (DNS enumeration, Reverse lookups, TLD expansion)
  • Integration with SHODAN computer database, to get the open ports and banners
  • Save to XML and HTML
  • Basic graph with stats
  • New sources

 Lets go to the tutorial:-

If your are using Kali Linux or Backtrack TheHarvester is Pre-installed software 
In case, if it is not available in your distribution like CentosUbuntu or Fedora, than you can easily download it from TheHarvester, simply download it and extract it.

Provide execute permission to the by

 [root@Techlanda ~]#chmod 755

After getting in to that, simply run ./theharvester, it will display version and other option that can be used with this tool with detailed description.


Demonstrative Purpose I used Kali

Distributor ID: Kali
Description: Kali GNU/Linux 2.0
Release: 2.0
Codename: sana
Domain used:-

TheHarvester Syntax:-

[root@Techlanda ~]:~# theharvester –help*******************************************************************
* *
* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| ‘_ \ / _ \ / /_/ / _` | ‘__\ \ / / _ \/ __| __/ _ \ ‘__|
* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
* *
* TheHarvester Ver. 2.6 *
* Coded by Christian Martorella *
* Edge-Security Research *
* *

Usage: theharvester options

-d: Domain to search or company name
-b: data source: google, googleCSE, bing, bingapi, pgp
linkedin, google-profiles, people123, jigsaw,
twitter, googleplus, all

-s: Start in result number X (default: 0)
-v: Verify host name via dns resolution and search for virtual hosts
-f: Save the results into an HTML and XML file
-n: Perform a DNS reverse query on all ranges discovered
-c: Perform a DNS brute force for the domain name
-t: Perform a DNS TLD expansion discovery
-e: Use this DNS server
-l: Limit the number of results to work with(bing goes from 50 to 50 results,
-h: use SHODAN database to query discovered hosts
google 100 to 100, and pgp doesn’t use this option)
theharvester -d -l 500 -b google
theharvester -d -b pgp
theharvester -d microsoft -l 200 -b linkedin
theharvester -d -b googleCSE -l 500 -s 300
TheHarvester Command:-

[root@Techlanda ~]:~# theharvester -d -b google


[root@Techlanda ~]:~# theharvester -d -b all

This command will collect the information from multiple search engines supported by the specific version of theHarvester.

This command save the result in html format.

[root@Techlanda ~]:~# theharvester -d -b google -f techlanda.html




Similar Posts