Hello everybody and welcome back. In this tutorial we will cover the email harvesting tool which is basically called, The Harvester.
If you find anything helpful in this post or funny, will you please leave a like because you will feel great helping other people find it?
So, in the last tutorial I checked out if we have it installed already and we do.
So I will just locate it and we will run it because I already tried to run it from here and it just doesn’t work.
So let’s just locate it first and we can see that it is stored in this directory usr/share/golismero/tools.
So we will just go to that directory and we can see here a few programs and we will change our directory to theHarvester.
So if we type here cd theHarvester we can see that right here we have an executable Python file which we will run in order to run this program.
I just want to tell you that this program basically doesn’t work from time to time.
So, for example, once I run it, it might print us the emails and it might not. Because I ran this a bunch of times on the same website and it sometimes just finds a lot of things and sometimes it just doesn’t find anything.
So if we just run this program it will show us an error and it will say “The domain search is mandatory.” So we basically need to specify our domain website.
So let me just type here the help option which is theHarvester.py -h and it will show us our available options.
Here we can see that the -d is basically specifying the domain or company name to search for.
The -b is engine. So, the search engine. By default it will be Google as it says right here. We want to leave it on that since I believe Google is the best.
And here we can have the -l which is also an important option which stands for limit. It will limit the number of results to work with.
So basically if you just type d200 it will search for the first 200 results and it will show us the emails and hosts from those 200.
Now, we can try these examples right here. So we will just copy the first one. Let’s just use -d microsoft.com -l for the results number which we will set to 500 and -b in order for it to be Googled.
So let’s just try this. It will take a few seconds. It might find something and it might not.
Basically if it doesn’t find anything you can try using the same command later on and it will probably work. It just decides from time to time when it will find and when it will not.
So if it doesn’t work we won’t really care much about it. We will just continue on with the tutorials and you can try it out later with the same command.
So here we go. It is soon going to finish it, but in this case we just weren’t able to find anything.
So let me just try here another website or basically we just type Microsoft without .com. Maybe it will search it as a company name and it might find some of the results.
We will give it one more try after it if it doesn’t find anything here and then we will finish the tutorial there since there is no point.
As I said, sometimes this tool finds something and sometimes it just doesn’t want to find anything.
So we will wait for this to finish. The first 200 results are already over.
No, this one didn’t work as well.
So let me just try out one website that worked 20 minutes ago when I tried it. This is a website from my country. Basically some university website. It doesn’t even matter.
You can try this on any website you want. Maybe if we use the other website maybe it will print us something.
If it doesn’t we’ll just proceed to the next tutorial which will be Shodan which is basically a search engine or a website that we use to search for the vulnerable devices.
Now you will be surprised how many vulnerable devices are out there on the internet. The most common vulnerable devices are basically the routers with the default username and passwords. If you were to go on to the login page of that IP address you will be able to enter their router and change all their settings.
But more about that in the next tutorial as we can see this one didn’t work either.
So three times we tried and it didn’t work. So basically, later on or tomorrow or whenever you want you can just try the command out once again and it will probably work.
It just doesn’t want to work right now.
So once again it is located in this directory.
You won’t be able to run it from the terminal or from any directory. If you want to, I will show you in the next tutorials how to move a file and be able to run it from any directory with just its name.
So, for example, I will show you how to run this file with just its name and not go into this directory all the time when we want to use it.
But we will teach that in some of the other tutorials. And for now on I will cut the tutorial short here and I hope I see you in the next one.
Thank you very much for watching this video tutorial that I, Jerry Banfield executive-produced, meaning I hired the instructor to make a video for you as a part of a Master Ethical Hacking in 2019 course that I imagine you will love and enjoy.
You can unlock a career in penetration testing and go from beginner to advanced in this brand new course all with the same instructor that we’ve just went through in the video here together.
We’ve got five sections of the course ready for you now and we are making new videos every single week for this course for you.
I imagine by the end of 2019, this course will include 10 to 20 hours of Ethical Hacking tutorials for you from the very basics, which we’ve already got, into advanced things like building your own custom hacking tools.
This course also has a Discord Server and a Facebook group where you can get answers to your questions from ethical hackers and fellow students.
If you would like to buy the course, will you please use this link to buy it for $8.81 because I imagine if you’ve got this far in you will absolutely love the full course.
You can also get this as a part of the Jerry Banfield Forever course bundle which includes all of the classes I teach as the instructor, I make a new class every week or so, and all of the courses I pay instructors to make as in this hacking course for life.
My purpose in this is for it to be the best value you’ve ever got in education on in-demand subject.
I am intending to make anywhere from 50 to 100 new courses for you in a year indefinitely, both myself and as the executive producer.
Thank you very much for watching this tutorial. I imagine if you found it helpful you’ll leave a like to help others find this information that you found valuable with us.
Where to see more.
You’ve got this far in I imagine you will love seeing the videos we keep creating for you each day. Will you please subscribe on YouTube and like on Facebook, because that will give you two ways to see the same videos every single day and you will be like, “Oh, my god stop spamming my newsfeed. Oh, I’m sick of you. I’m not subscribing and not linking.”
I mean, you’re going to have a great time. You’re going to love the videos we put out every single day. It’s going to be a blast.
We’re going to do a journey together of a lifetime starting or continuing today.