E-mails, subdomains and names Harvester - OSINT
Alternatives To Theharvester
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
1a day ago2February 04, 201924Python
E-mails, subdomains and names Harvester - OSINT
11 days ago205July 21, 202220gpl-3.0Python
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
H8mail3,4761a month ago15June 25, 202222otherPython
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
7 days ago2mitGo
An automated e-mail OSINT tool
10 months ago1August 24, 202017gpl-3.0Python
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
15 days ago19July 17, 202110mpl-2.0Python
Python library for accurately querying username and email usage on online platforms
3 days ago7mitTypeScript
A browser extension for OSINT search
a year ago6Python
OSINT tool to find breached emails, databases, pastes, and relevant information
a month agogpl-3.0Python
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.
2 years agomitPython
A OSINT tool to obtain a target's phone number just by having his email address
Alternatives To Theharvester
Select To Compare

Alternative Project Comparisons


TheHarvester CI TheHarvester Docker Image CI Rawsec's CyberSecurity Inventory

What is this?

theHarvester is a simple to use, yet powerful tool designed to be used during the reconnaissance stage of a red
team assessment or penetration test. It performs open source intelligence (OSINT) gathering to help determine
a domain's external threat landscape. The tool gathers names, emails, IPs, subdomains, and URLs by using
multiple public resources that include:

Passive modules:

Active modules:

  • DNS brute force: dictionary brute force enumeration
  • Screenshots: Take screenshots of subdomains that were found

Modules that require an API key:

Documentation to setup API keys can be found at -

  • bevigil - Free upto 50 queries. Pricing can be found here:
  • binaryedge - $10/month
  • bing
  • bufferoverun - uses the free API
  • censys - API keys are required and can be retrieved from your Censys account.
  • criminalip
  • fullhunt
  • github
  • hunter - limited to 10 on the free plan, so you will need to do -l 10 switch
  • hunterhow
  • intelx
  • netlas - $
  • onyphe -$
  • pentestTools - $
  • projecDiscovery - invite only for now
  • rocketreach - $
  • securityTrails
  • shodan - $
  • tomba - Free up to 50 search.
  • zoomeye

Install and dependencies:

Comments, bugs, and requests:

  • Twitter Follow Christian Martorella @laramies [email protected]
  • Twitter Follow Matthew Brown @NotoriousRebel1
  • Twitter Follow Jay "L1ghtn1ng" Townsend @jay_townsend1

Main contributors:

  • Twitter Follow Matthew Brown @NotoriousRebel1
  • Twitter Follow Jay "L1ghtn1ng" Townsend @jay_townsend1
  • Twitter Follow Lee Baird @discoverscripts


  • John Matherly - Shodan project
  • Ahmed Aboul Ela - subdomain names dictionaries (big and small)
Popular Osint Projects
Popular Email Projects
Popular Data Processing Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Search Engine
Information Gathering