Using theharvester OSINT tool in python scripts

theHarvester

is a very simple, yet effective tool designed to be used in the early stages of a penetration test. It can be used for open source intelligence gathering and helping to determine a company's external threat landscape on the internet.

With this tool you can scrounge the following information from the internet

• E-mails

• Subdomains

• Social names

• Portscanner

Installing theHarvester

pip3 install theHarvester

or you can perform the following

sudo apt-get install python3-pip
sudo pip3 install virtualenv 

#
# Create virtualenv

virtualenv venv 

# Or create a python version specific virtualenv

virtualenv -p python3 myenv
#
# Now clone the git repo
git clone https://github.com/laramies/theHarvester.git
#
pip3 install -r requirements.txt
#
# Wait until the installation is done.

Using it in your python scripts

import theHarvester
from theHarvester.discovery import bingsearch
from theHarvester.discovery import googlesearch

#....and more....
# or
# from theHarvester.discovery import *

baidu = baidusearch.SearchBaidu("nmmapper.com", 100)
baidu.do_search()

# Each discovery engine has it's own method
# not all have get_emails

emails = baidu.get_emails()
hostnames = baidu.get_hostnames()
# That's how you can use theHarvester in any other python3 module

This tool is very powerful. And among it's most powerful public sources includes googlesearch, though google blocks the IP making the request if the request is made several times. Currently they are working on a solution to google blocking.

References

• https://github.com/laramies/theHarvester
• https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/