Use Harvester For Information Gathering And Penetration Testing


Use Harvester For Information Gathering And Penetration Testing. The Harvester is a tool for information gathering of e-mail accounts, sub domain names, virtual hosts, open ports/ banners, and employee names from different public sources (search engines, PGP key servers). 

Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet.

Important Addons built inside:

-> PGP: pgp key server - www.rediris.es/keyserver/

-> Linkedin: google search engine, specific search for Linkedin users

-> Shodan: Shodan Computer search engine, will search for ports and banner of the discovered hosts  (http://www.shodanhq.com/).
SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.


-> vhost: Bing virtual hosts search

New Features:

> Time delays between request
> All sources search
> Virtual host verifies
> Active enumeration (DNS enumeration, Reverse lookups, TLD expansion)
> Integration with SHODAN computer database, to get the open ports and banners
> Save to XML and HTML
> Basic graph with stats