theHarvester – OSINT Tool for Gathering Emails, Subdomains, and More

Danial Zahoor
2 Jun, 2025
Developed in Python, theHarvester automates the process of collecting valuable information about a target domain. It leverages various public data sources, including search engines and online databases, to extract:
 

theHarvester is an OSINT (Open Source Intelligence) tool used to collect publicly available information about a target domain. It helps gather:

  • Email addresses

  • Subdomains

  • IP addresses

  • Hostnames

  • Open ports (via Shodan or Censys)

  • Banners and metadata

This tool is commonly used during the reconnaissance phase of penetration testing, red teaming, or bug bounty hunting.

⚙️ How theHarvester Works

It gathers data from public sources using both passive and active reconnaissance.

Passive:

No direct interaction with the target — pulls data from:

  • Bing, DuckDuckGo, Baidu, Brave

  • crt.sh (certificate transparency logs)

  • Hunter.io, GitHub

  • Public repositories

Active:

May touch the target using:

  • Shodan (for open ports and banners)

  • Censys

  • DNS brute-forcing (optional)

🛠️ Installation

On Kali Linux:

Already installed. Just run:

theharvester -h

Manual Setup:

git clone https://github.com/laramies/theHarvester.git
cd theHarvester
python3 -m venv venv
source venv/bin/activate
pip install -r requirements/base.txt

API keys for Shodan, Hunter.io, etc. should be placed inside:

api-keys.yaml

🧪 Usage Examples

Basic:

python3 theHarvester.py -d example.com -b bing

Full Recon with All Sources:

python3 theHarvester.py -d example.com -b all -l 100 -f report.html -v

Options Breakdown:

  • -d → Target domain

  • -b → Source (e.g., bing, google, baidu, etc.)

  • -l → Limit number of results (e.g., -l 100)

  • -f → Save output to file (e.g., -f result.html)

  • -v → Verbose mode

📁 Output Formats

theHarvester supports:

  • .html for human-readable reports

  • .json, .xml for automation

  • .csv for Excel analysis

Example:

-f output.html

🔐 Ethical Use

Use only on targets you’re authorized to test. This tool is meant for:

  • Penetration testing (with permission)

  • Red teaming

  • Educational purposes

  • Bug bounty recon

Unauthorized scanning = illegal activity.

📚 Resources


Danial Zahoor

Danial Zahoor

Professional Ethical Hacker and Cybersecurity Researcher with a proven track record in dismantling online threats. Successfully neutralized 4 scammer networks, thwarted 13 phishing schemes, and disrupted 4 kidnapper networks. Committed to ensuring online safety and security, I leverage my expertise to protect individuals and organizations from digital threats. Passionate about cybersecurity education and empowering others to stay safe online.

Previous Post
No Comment
Add Comment
comment url