Awesome Open Source
Awesome Open Source

theHarvester

TheHarvester CI TheHarvester Docker Image CI Language grade: Python Rawsec's CyberSecurity Inventory

What is this?

theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a
penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a
company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using
multiple public data sources that include:

Passive:

Active:

  • DNS brute force: dictionary brute force enumeration
  • Screenshots: Take screenshots of subdomains that were found

Modules that require an API key:

Documentation to setup API keys can be found at - https://github.com/laramies/theHarvester/wiki/Installation#api-keys

  • binaryedge - not free
  • bing
  • censys - API keys are required and can be retrieved from your Censys account.
  • fullhunt
  • github
  • hunter - limited to 10 on the free plan so you will need to do -l 10 switch
  • intelx
  • pentesttools - not free
  • projecdiscovery - invite only for now
  • rocketreach - not free
  • securityTrails
  • shodan
  • spyse - not free
  • zoomeye

Install and dependencies:

Comments, bugs, and requests:

  • Twitter Follow Christian Martorella @laramies [email protected]
  • Twitter Follow Matthew Brown @NotoriousRebel1
  • Twitter Follow Jay "L1ghtn1ng" Townsend @jay_townsend1

Main contributors:

  • Twitter Follow Matthew Brown @NotoriousRebel1
  • Twitter Follow Jay "L1ghtn1ng" Townsend @jay_townsend1
  • Twitter Follow Lee Baird @discoverscripts

Thanks:

  • John Matherly - Shodan project
  • Ahmed Aboul Ela - subdomain names dictionaries (big and small)


Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (805,485
Search (31,602
Email (21,336
Discovery (4,998
Search Engine (2,568
Subdomain (1,994
Threat (1,501
Osint (1,129
Hunter (1,039
Recon (888
Reconnaissance (587
Shodan (482
Information Gathering (371
Subdomain Enumeration (99