What is theHarvester?
theHarvester is a powerful OSINT tool used in the Reconnaissance phase of ethical hacking and penetration testing. It collects publicly available information such as emails, subdomains, hosts, employee names, open ports, and banners from various public sources including search engines, PGP key servers, and SHODAN.
⚠ Legal Notice
Only use on systems you own or have explicit written permission to test. Unauthorized use violates Pakistan's PECA 2016 and international cybercrime laws.
Installation
    # Update packages
    sudo apt update

    # Install (pre-installed on Kali, otherwise:)
    sudo apt install theharvester -y

    # Verify installation
    theHarvester -h
Basic Usage
    # Basic syntax
    theHarvester -d <domain> -b <source>

    # Gather emails and subdomains from Google (limit 500 results)
    theHarvester -d example.com -l 500 -b google

    # Use multiple sources
    theHarvester -d example.com -b google,bing,crtsh

    # Save results to HTML and XML report
    theHarvester -d example.com -b all -f report_output

    # List all available sources
    theHarvester -h
Common Sources (-b flag)
- google: Google search engine results
- bing: Microsoft Bing search results
- crtsh: Certificate transparency logs (great for subdomains)
- linkedin: Employee names from LinkedIn
- shodan: Open ports and banners (requires API key)
- all: Use all available sources
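The `-d` runs shown under Basic Usage should only ever target domains in the agreed engagement scope. As an added example (not part of theHarvester or the original page), this POSIX shell guard checks a domain against a scope list before it prints the command; the function names, the scope-list format and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: scope guard for theHarvester runs (not part of theHarvester).

# Constructed sample scope list: one authorized domain per line, '#' comments.
SCOPE_SAMPLE='# engagement scope (constructed sample)
example.com
Lab.Example.ORG.   # trailing dot and mixed case are normalized'

# normalize_domain: lowercase, drop whitespace, strip one trailing dot.
normalize_domain() {
    nd_value=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | tr -d '[:space:]')
    printf '%s' "${nd_value%.}"
}

# in_scope DOMAIN SCOPE_TEXT: succeed only if DOMAIN equals a scope entry or
# is a subdomain of one. The match is anchored on a label boundary, so
# "notexample.com" does not pass for "example.com".
in_scope() {
    is_target=$(normalize_domain "$1")
    # Accept plain hostnames only; a leading '-' would be parsed as an option.
    case $is_target in
        ''|-*|.*|*[!a-z0-9.-]*) return 1 ;;
    esac
    while IFS= read -r is_line; do
        is_entry=$(normalize_domain "${is_line%%#*}")
        [ -n "$is_entry" ] || continue
        case $is_target in
            "$is_entry"|*".$is_entry") return 0 ;;
        esac
    done <<EOF
$2
EOF
    return 1
}

# harvest_cmd DOMAIN SOURCES SCOPE_TEXT: print the theHarvester command for an
# in-scope domain; print nothing and return 1 otherwise.
harvest_cmd() {
    hc_domain=$(normalize_domain "$1")
    if ! in_scope "$hc_domain" "$3"; then
        echo "refusing: '$1' is not in the engagement scope" >&2
        return 1
    fi
    hc_report="report_$(printf '%s' "$hc_domain" | tr '.' '_')"
    printf 'theHarvester -d %s -b %s -f %s\n' "$hc_domain" "$2" "$hc_report"
}
```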
Common Use Cases
- Authorized penetration testing engagements
- CTF (Capture The Flag) competitions
- Internal security audits
- Bug bounty program reconnaissance
Further Reading
Practice on legal targets like TryHackMe, HackTheBox, or hackzia.site labs. Always read the official documentation before using the tool in a live engagement.