{"id":13473941,"url":"https://github.com/laramies/theHarvester","last_synced_at":"2025-03-26T20:30:30.925Z","repository":{"id":1273687,"uuid":"1212922","full_name":"laramies/theHarvester","owner":"laramies","description":"E-mails, subdomains and names Harvester - OSINT ","archived":false,"fork":false,"pushed_at":"2024-10-28T22:34:00.000Z","size":7946,"stargazers_count":11354,"open_issues_count":20,"forks_count":2008,"subscribers_count":296,"default_branch":"master","last_synced_at":"2024-10-30T06:33:47.593Z","etag":null,"topics":["blueteam","discovery","emails","information-gathering","osint","python","recon","reconnaissance","redteam","subdomain-enumeration"],"latest_commit_sha":null,"homepage":"http://www.edge-security.com/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/laramies.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["L1ghtn1ng","NotoriousRebel"],"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2011-01-01T20:40:15.000Z","updated_at":"2024-10-30T06:10:53.000Z","dependencies_parsed_at":"2023-07-05T19:32:35.825Z","dependency_job_id":"626c48b8-3d87-453e-9f0c-460001f366c0","html_url":"https://github.com/laramies/theHarvester","commit_stats":{"total_commits":2235,"total_committers":105,"mean_commits":"21.285714285714285","dds":0.7391498881431767,"last_synced_commit":"0486e072b5842608e1e75b088070ee58c48d8b23"},"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laramies%2FtheHarvester","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laramies%2FtheHarvester/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laramies%2FtheHarvester/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laramies%2FtheHarvester/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/laramies","download_url":"https://codeload.github.com/laramies/theHarvester/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245394780,"owners_count":20608127,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blueteam","discovery","emails","information-gathering","osint","python","recon","reconnaissance","redteam","subdomain-enumeration"],"created_at":"2024-07-31T16:01:08.205Z","updated_at":"2025-03-26T20:30:30.913Z","avatar_url":"https://github.com/laramies.png","language":"Python","funding_links":["https://github.com/sponsors/L1ghtn1ng","https://github.com/sponsors/NotoriousRebel"],"categories":["Open Sources Intelligence (OSINT)","Python","Uncategorized","Tools","Python (1887)","扫描器、资产收集、子域名","[↑](#-Table-of-Contents) Other Tools","[↑](#-table-of-contents) Other Tools","[↑](#table-of-contents) Tools and frameworks","Repos","[↑](#contents) Other Tools","1. [↑](#-content) OSINT","Awesome Penetration Testing (\"https://github.com/Muhammd/Awesome-Pentest\")","redteam","Tools by Category","Red Team","python","📡 Network Scanning / Reconnaissance","Cross-cutting","Synopsis","ابزارهای امنیتی","[↑](#-table-of-contents) URLs",":sun_with_face: Common Commands \u0026 CLI","OSINT","Penetration Testing","information-gathering","Programming/Comp Sci/SE Things","OSINT Tools","Security Tools","Table of Contents","🤖 AI \u0026 Machine Learning"],"sub_categories":["Metadata harvesting and analysis","Uncategorized","Posts from Hacker101 members on how to get started hacking","网络服务_其他","[↑](#-Table-of-Contents) Telegram","[↑](#-table-of-contents) Telegram","OSINT tools","Network Pentesting","[↑](#contents) LinkedIn","Tools","[↑](#contents) Telegram","👤 Username \u0026 Identity Research","OSINT","🕵️ OSINT","Table of Contents","OSINT Tools","کار با زمان و تقویم","[↑](#-table-of-contents) GitHub","Allgemein","Information Gathering","OSINT (Open Source Intelligence)","Web Vulnerability Scanners"],"readme":"![theHarvester](https://github.com/laramies/theHarvester/blob/master/theHarvester-logo.webp)\n\n![TheHarvester CI](https://github.com/laramies/theHarvester/workflows/TheHarvester%20Python%20CI/badge.svg) ![TheHarvester Docker Image CI](https://github.com/laramies/theHarvester/workflows/TheHarvester%20Docker%20Image%20CI/badge.svg)\n[![Rawsec's CyberSecurity Inventory](https://inventory.raw.pm/img/badges/Rawsec-inventoried-FF5050_flat_without_logo.svg)](https://inventory.raw.pm/)\n\nWhat is this?\n-------------\ntheHarvester is a simple to use, yet powerful tool designed to be used during the reconnaissance stage of a red\u003cbr\u003e\nteam assessment or penetration test. It performs open source intelligence (OSINT) gathering to help determine\u003cbr\u003e\na domain's external threat landscape. The tool gathers names, emails, IPs, subdomains, and URLs by using\u003cbr\u003e\nmultiple public resources that include:\u003cbr\u003e\n\nPassive modules:\n----------------\n* anubis: Anubis-DB - https://github.com/jonluca/anubis\n\n* bevigil: CloudSEK BeVigil scans mobile application for OSINT assets (Requires an API key, see below.) - https://bevigil.com/osint-api\n\n* baidu: Baidu search engine - www.baidu.com\n\n* binaryedge: List of known subdomains (Requires an API key, see below.) - https://www.binaryedge.io\n\n* bing: Microsoft search engine - https://www.bing.com\n\n* bingapi: Microsoft search engine, through the API (Requires an API key, see below.)\n\n* brave: Brave search engine - https://search.brave.com/\n\n* bufferoverun: (Requires an API key, see below.) https://tls.bufferover.run\n\n* censys: [Censys search engine](https://search.censys.io/) will use certificates searches to enumerate subdomains and gather emails\u003cbr\u003e\n  (Requires an API key, see below.) https://censys.io\n\n* certspotter: Cert Spotter monitors Certificate Transparency logs - https://sslmate.com/certspotter/\n\n* criminalip: Specialized Cyber Threat Intelligence (CTI) search engine (Requires an API key, see below.) - https://www.criminalip.io\n\n* crtsh: Comodo Certificate search - https://crt.sh\n\n* duckduckgo: DuckDuckGo search engine - https://duckduckgo.com\n\n* fullhunt: Next-generation attack surface security platform (Requires an API key, see below.) - https://fullhunt.io\n\n* github-code: GitHub code search engine (Requires a GitHub Personal Access Token, see below.) - www.github.com\n\n* hackertarget: Online vulnerability scanners and network intelligence to help organizations - https://hackertarget.com\n\n* hunter: Hunter search engine (Requires an API key, see below.) - https://hunter.io\n\n* hunterhow: Internet search engines for security researchers (Requires an API key, see below.) - https://hunter.how\n\n* intelx: Intelx search engine (Requires an API key, see below.) - http://intelx.io\n\n* netlas: A Shodan or Censys competitor (Requires an API key, see below.) - https://app.netlas.io\n\n* onyphe: Cyber defense search engine (Requires an API key, see below.) - https://www.onyphe.io/\n\n* otx: AlienVault open threat exchange - https://otx.alienvault.com\n\n* pentestTools: Cloud-based toolkit for offensive security testing, focused on web applications and network penetration\u003cbr\u003e\n  testing (Requires an API key, see below.) - https://pentest-tools.com/\n\n* projecDiscovery: We actively collect and maintain internet-wide assets data, to enhance research and analyse changes around\u003cbr\u003e\n  DNS for better insights (Requires an API key, see below.) - https://chaos.projectdiscovery.io\n\n* rapiddns: DNS query tool which make querying subdomains or sites of a same IP easy! https://rapiddns.io\n\n* rocketreach: Access real-time verified personal/professional emails, phone numbers, and social media links (Requires an API key,\u003cbr\u003e\n  see below.) - https://rocketreach.co\n\n* securityTrails: Security Trails search engine, the world's largest repository of historical DNS data (Requires an API key, see\u003cbr\u003e\n  below.) - https://securitytrails.com\n\n* -s, --shodan: Shodan search engine will search for ports and banners from discovered hosts (Requires an API key, see below.)\u003cbr\u003e\n  https://shodan.io\n\n* sitedossier: Find available information on a site - http://www.sitedossier.com\n\n* subdomaincenter: A subdomain finder tool used to find subdomains of a given domain - https://www.subdomain.center/\n\n* subdomainfinderc99: A subdomain finder is a tool used to find the subdomains of a given domain - https://subdomainfinder.c99.nl\n\n* threatminer: Data mining for threat intelligence - https://www.threatminer.org/\n\n* tomba: Tomba search engine (Requires an API key, see below.) - https://tomba.io\n\n* urlscan: A sandbox for the web that is a URL and website scanner - https://urlscan.io\n\n* vhost: Bing virtual hosts search\n\n* virustotal: Domain search (Requires an API key, see below.) - https://www.virustotal.com\n\n* yahoo: Yahoo search engine\n\n* zoomeye: China's version of Shodan (Requires an API key, see below.) - https://www.zoomeye.org\n\n\nActive modules:\n---------------\n* DNS brute force: dictionary brute force enumeration\n* Screenshots: Take screenshots of subdomains that were found\n\nModules that require an API key:\n--------------------------------\nDocumentation to setup API keys can be found at - https://github.com/laramies/theHarvester/wiki/Installation#api-keys\n\n* bevigil - Free upto 50 queries. Pricing can be found here: https://bevigil.com/pricing/osint\n* binaryedge - $10/month\n* bing\n* bufferoverun - uses the free API\n* censys - API keys are required and can be retrieved from your [Censys account](https://search.censys.io/account/api).\n* criminalip\n* fullhunt\n* github\n* hunter - limited to 10 on the free plan, so you will need to do -l 10 switch\n* hunterhow\n* intelx\n* netlas - $\n* onyphe -$\n* pentestTools - $\n* projecDiscovery - invite only for now\n* rocketreach - $\n* securityTrails\n* shodan - $\n* tomba - Free up to 50 search.\n* zoomeye\n\nInstall and dependencies:\n-------------------------\n* Python 3.11+\n* https://github.com/laramies/theHarvester/wiki/Installation\n\n\nComments, bugs, and requests:\n-----------------------------\n* [![Twitter Follow](https://img.shields.io/twitter/follow/laramies.svg?style=social\u0026label=Follow)](https://twitter.com/laramies) Christian Martorella @laramies\n  cmartorella@edge-security.com\n* [![Twitter Follow](https://img.shields.io/twitter/follow/NotoriousRebel1.svg?style=social\u0026label=Follow)](https://twitter.com/NotoriousRebel1) Matthew Brown @NotoriousRebel1\n* [![Twitter Follow](https://img.shields.io/twitter/follow/jay_townsend1.svg?style=social\u0026label=Follow)](https://twitter.com/jay_townsend1) Jay \"L1ghtn1ng\" Townsend @jay_townsend1\n\n\nMain contributors:\n------------------\n* [![Twitter Follow](https://img.shields.io/twitter/follow/NotoriousRebel1.svg?style=social\u0026label=Follow)](https://twitter.com/NotoriousRebel1) Matthew Brown @NotoriousRebel1\n* [![Twitter Follow](https://img.shields.io/twitter/follow/jay_townsend1.svg?style=social\u0026label=Follow)](https://twitter.com/jay_townsend1) Jay \"L1ghtn1ng\" Townsend @jay_townsend1\n* [![Twitter Follow](https://img.shields.io/twitter/follow/discoverscripts.svg?style=social\u0026label=Follow)](https://twitter.com/discoverscripts) Lee Baird @discoverscripts\n\n\nThanks:\n-------\n* John Matherly - Shodan project\n* Ahmed Aboul Ela - subdomain names dictionaries (big and small)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaramies%2FtheHarvester","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flaramies%2FtheHarvester","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaramies%2FtheHarvester/lists"}