Backtrack Information Gathering Pentesting Tools

theharvester – Information Gathering

theHarvester is a tool intended to help penetration testers in the early stages of an engagement. It is a simple but effective tool that can gather information such as user names, hostnames and domains about an organization from public sources.

This is a complete rewrite of the tool with new features like:

  • Time delays between requests
  • All sources search
  • Virtual host verifier
  • Active enumeration (DNS enumeration, Reverse lookups, TLD expansion)
  • Integration with SHODAN computer database, to get the open ports and banners
  • Save to XML and HTML
  • Basic graph with stats
  • New sources


For Backtrack users:

1. Open a terminal and run the following command.

/pentest/enumeration/theharvester

Note: drop the www. from the URL you are interested in; for example, http://www.pir8geek.com becomes pir8geek.com.

Usage: theharvester options

-d: Domain to search or company name
-b: Data source (google,bing,bingapi,pgp,linkedin,google-profiles,exalead,all)
-s: Start in result number X (default 0)
-v: Verify host name via DNS resolution and search for virtual hosts
-f: Save the results into an HTML and XML file
-n: Perform a DNS reverse query on all ranges discovered
-c: Perform a DNS brute force for the domain name
-t: Perform a DNS TLD expansion discovery
-e: Use this DNS server
-l: Limit the number of results to work with (bing goes from 50 to 50 results, google 100 to 100, and pgp doesn't use this option)
-h: Use SHODAN database to query discovered hosts
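As an added example (not from this post or the theHarvester project), the Python script below triages the XML file that the -f option writes, the way a defender reviewing their own domain's exposure would: it de-duplicates the discovered email addresses, separates in-scope from out-of-scope ones, and groups hostnames by IP so that several names served from one address (virtual hosts) stand out. The XML layout (flat <email>, <host> and <vhost> elements whose text is hostname:ip) and the sample data are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the shape the -f XML output is ASSUMED to take:
# flat <email>, <host> and <vhost> elements, host text as "hostname:ip".
# Addresses are from the documentation range 192.0.2.0/24; not real data.
SAMPLE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<theHarvester>
<email>alice@pir8geek.com</email>
<email>Alice@pir8geek.com</email>
<email>bob@example.net</email>
<host>www.pir8geek.com:192.0.2.10</host>
<host>mail.pir8geek.com:192.0.2.20</host>
<host>old.pir8geek.com:192.0.2.10</host>
<vhost>shop.pir8geek.com:192.0.2.10</vhost>
</theHarvester>
"""


def parse_results(xml_text):
    """Return (emails, {hostname: ip}); emails lower-cased and de-duplicated."""
    root = ET.fromstring(xml_text)
    emails = sorted({e.text.strip().lower() for e in root.iter("email") if e.text})
    hosts = {}
    for tag in ("host", "vhost"):
        for h in root.iter(tag):
            if h.text and ":" in h.text:
                # rsplit keeps any extra colons with the hostname part
                name, ip = h.text.strip().rsplit(":", 1)
                hosts[name.lower()] = ip
    return emails, hosts


def triage(xml_text, domain):
    """Split results into what a defender wants to review:
    in-scope vs. out-of-scope emails (the latter are usually search-engine
    noise) and hostnames clustered per IP so shared addresses are obvious."""
    emails, hosts = parse_results(xml_text)
    suffix = "@" + domain.lower()
    in_scope = [e for e in emails if e.endswith(suffix)]
    out_scope = [e for e in emails if not e.endswith(suffix)]
    by_ip = defaultdict(list)
    for name, ip in sorted(hosts.items()):
        by_ip[ip].append(name)
    return {"in_scope": in_scope, "out_of_scope": out_scope, "hosts_by_ip": dict(by_ip)}


if __name__ == "__main__":
    report = triage(SAMPLE_XML, "pir8geek.com")
    print("in-scope emails:", report["in_scope"])
    for ip, names in report["hosts_by_ip"].items():
        print(ip, "->", ", ".join(names))
```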

Examples:

Enjoy…

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek. I'm currently working as a Network/Linux SysAdmin.

I'm a Linux and open-source advocate, interested in network security and InfoSec.
