theHarvester 3.0 released: E-mails/subdomains/names Harvester – OSINT


What is this?

theHarvester is a tool for gathering e-mail accounts, subdomain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, PGP key servers). Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company on the Internet.

The sources are:

-google: google search engine –

-googleCSE: google custom search engine

-google-profiles: google search engine, specific search for Google profiles

-bing: microsoft search engine –

-bingapi: microsoft search engine, through the API (you need to add your Key in
the discovery/ file)

-dogpile: Dogpile search engine –

-pgp: pgp key server –

-linkedin: google search engine, specific search for Linkedin users

-vhost: Bing virtual hosts search

-twitter: twitter accounts related to an specific domain (uses google search)

-googleplus: users that work in target company (uses google search)

-yahoo: Yahoo search engine

-baidu: Baidu search engine

-shodan: Shodan Computer search engine, will search for ports and banner of the
discovered hosts (


-DNS brute force: this plugin will run a dictionary brute force enumeration
-DNS reverse lookup: reverse lookup of ip´s discovered in order to find hostnames
-DNS TDL expansion: TLD dictionary brute force enumeration


Modules that need API keys to work:
-googleCSE: You need to create a Google Custom Search engine(CSE), and add your Google API key and CSE ID in the plugin (discovery/
-shodan: You need to provide your API key in discovery/

Changelog v3.0

  • Subdomain takeover checks
  • Port scanning (basic)
  • Improved DNS dictionary
  • Shodan DB search fixed
  • Result storage in Sqlite


pip install requests
git clone



Copyright 2011 Christian Martorella



Read more…


Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

Leave a Reply

SC ProDefence SRL - Cyber Security Services