theHarvester from noob to pro, “All in one”


In this post, you will learn what is theHarvester and how does the tool works and also in addition you will learn who developed the tool and let’s see some examples on theHarvester and also I will give an alternative for this tool. Check the below video, it is all about the tool.


What is theHarvester

theHarvester is an Information-gathering tool. This tool is the same as the other passive information-gathering tool, but what makes this tool specific is the number of contributions for this tool in Github and I wondered.

There are more than 300 contributions. Mostly the tool was written in python and docker files and it was very easy to work with the tool.


Who developed the theHarvester tool

The tool was developed by the author and co, here when I say co they are the public people. Yes, this tool has got GPLV2, so, the public can contribute to GitHub.

Author of the tool

The tool author is Christian Martorella and this guy seems to be intelligent, ha Whatever. Let’s talk about the tool ????. I have given theHarvester download link and just go and download from the official page and I have also given the Author’s page go and check.

Well, I have to talk about this the author got a domain name called https://edge-security /blog. And I have noticed he have quite a good number of posts, go and check it!!!


What can the tool do

  1. Gather emails
  2. Subdomains searchs
  3. Hosts seraches
  4. employee names from twitter only
  5. Checks for open ports
  6. Banners from different public sources like search engines,
  7. PGP key servers and SHODAN computer database.


theHarvester Commands

  • -d: Target domain
  • -b: data source: Gatherers information from all possible sources
  • -v: verify hostname via DNS resolution and search for virtual hosts
  • -f: save the results in both XML and HTML format
  • -n: perform a DNS reverse on all possible ranges discovered
  • -c: perform a DNS brute force for the target domain name
  • -l: limits the number of results
  • -h: using SHODAN database


How to use theHarvester tool? ????


In the first example, we are doing the most common command,

theHarvester -d -b google

This command scans for google information on all the platforms, just try with a kali machine. You may enter bing or Twitter etc.,

Command of theHarvester


Let’s do a limit in the search

theHarvester -d -b linkedin -l 1000

-d for the target domain

-b for where you want to search

-l is limit only 1000 could be searched in this command

Limiting the result in theHarvester

Don’t mind the handwriting ????


Doing a brute force on the target

theHarvester -d -c 
Brute forcing in the tool


Doing a scan and saving either in HTML or XML format

theHarvester -d -b google -l 100 -f text
saving the result

The file will be automatically saved in HTML and XML format


According to my knowledge, this tool is best for scanning the subdomains and also this tool can perform another scan such as port scan but I mostly don’t use this tool because it is not giving a deep information gathering.


The alternative for this tool can be sublist3r and DMitry.

2 thoughts on “theHarvester from noob to pro, “All in one””

  1. Aw, this was a very nice post. In thought I would like to put in writing like this additionally ?taking time and actual effort to make a very good article?but what can I say?I procrastinate alot and under no circumstances seem to get one thing done.

Comments are closed.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top