Home » » UPDATE theHarvester 2.2a - Information Gathering Tool

UPDATE theHarvester 2.2a - Information Gathering Tool

Written By mediana saputra on Wednesday, 13 February 2013 | 22:48

The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.

This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. 

It is also useful for anyone that wants to know what an attacker can see about their organization.

Passive discovery:
  • google: google search engine - www.google.com
  • google-profiles: google search engine, specific search for Google profiles
  • bing: microsoft search engine - www.bing.com
  • bingapi: microsoft search engine, through the API (you need to add your Key in the discovery/bingsearch.py file)
  • pgp: pgp key server - pgp.rediris.es
  • linkedin: google search engine, specific search for Linkedin users
  • shodan: Shodan Computer search engine, will search for ports and banner of the discovered hosts (http://www.shodanhq.com/)
  • vhost: Bing virtual hosts search
Active discovery:
  • DNS brute force: this plugin will run a dictionary brute force enumeration
  • DNS reverse lookup: reverse lookup of ip´s discovered in order to find hostnames
  • DNS TDL expansion: TLD dictionary brute force enumeration
updated version 2.2.a on 13/02/2013
Bug fixes

Share this article :

Post a Comment

Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger