*****************************[<MEGAPRIMER 1.0.2>theHarvester<G>ENUMERATION>INFORMATION GATHERING]
*TheHarvester Ver. 2.1 (reborn) * Back Track 5R2 GNOME X64
*Coded by Christian Martorella   *+ -- --=[ Ssvforensic.blogspot.com- 2nd post]
*Edge-Security Research          *+ -- --=[ 1 Secured - 1 Stated - 2 Forensics]
*cmartorella@edge-security.com   * =[ Ss_Veritas updated 1 days ago (2012.04.11)]
*************************************************************************
The Harvester
TheHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources like search engines and PGP key servers.

Written For

Security professionals : This tools is intended to help Penetration testers in the early stages of the project It's a really simple tool, but very effective.
Black,White,Greyhats :Information gathering,social engineering and who knows what.

Man theHarvester

ssvlabsdemo

root@bt:/pentest/enumeration/theharvester# ./theHarvester.py -d abcd.xx.ke -l 50 -b google

[+] Emails found: 50
------------------

[+] Hosts found in search engines:
------------------------------------

AA.BCD.XXX.16:abcd.xx.ke
(( --- HRIS ))

(( --- LIC ))

(( --- NERO ))

Ssvforensics

Information dumped interesting for the pentester and the hacker;

• Email adresses of the client or victim
• Public Ip's have been given away,a DOS might be likely on the way
• Usernames nomenclature which is most likely the same from the AD and generating passwd lists.
• Hostnames and Subdomains,in the above demo,8 domains revealed,zeroing down is made easy.
• Sniffing to get plain text passwd,downloading pst's,blackmailing,impersonation,social engineering,mail routing channels for malware can be a reality.

Reading List Download page

*theHarvester download theHarvester now!

Disclaimer

Obtain advance express permission from the owner or maintainer of the appliance 
before searching it with any automated tool for various legal and moral reasons.
Ssvforensic is not liable for what you do.