theHarvester – Email Harvesting & Social Engineering
Overview
theHarvester is an OSINT gathering tool to help determine a domain's external threat landscape. It gathers names, emails, IPs, subdomains, and URLs by using multiple search engines.
In this article, we will show you how to use theHarvester, mainly as an email harvesting tool. emails can be extracted based on a given domain by using different search engines such as Bing, Virustotal, Shodan and etc. These email addresses can be used for brute-forcing login accounts or social engineering.
You can download theHarvester from here.
How to use theHarvester
The command format to use theHarvester is:
theHarvester -d <domain> -b <search engine source>
To elaborate:
-d (is used to specify the target domain)
-b (is used to specify the search engines...