Find employees working in a company

THEHARVESTER:-

Harvester an OSINT tool, written by Christian Martorella. Harvester allows to gather information like email addresses, sub domains all from public resources. This tool mostly lookups on sites like- Google, Bing, LinkedIn and Shodan.

According to ethical hacker of international institute of cyber security theharvester is used in advance information gathering tool. This tool is quite useful for the pentesters.

NOW FOR LAUNCHING TOOL:-

  • Type theharvester in linux terminal.

 

BASIC SEARCH:-

  • Type theharvester -d cisco.com -b google as shown below:-

-d to search for the domain name.

-b data source that will used for searching, here we are using google data souce

  • As shown above after searching for the target domain. It shows host and email that are found on the google.
  • You can set your own data source by choosing your desired data source.

 

VIRTUAL HOST:-

  • Type theharvester -d containerstore.com -b bing -v

-d means to search for domain name.

-b means data source like – google, bing, twitter.

-v search for virtual hosts and use dns resolution for verifying host name.

  • In the above virtual host scans, there could be a thousands of domains might resolving same ip address as these domain are hosted on same third party web hosting provider,.
  • Attacker could use these sites for SQL injection vulnerability. An attacker may target first site for gathering information and second site for Sql injection.

 

TWITTER API KEYS:-

Type theharvester -d containerstore.com -b twitter.

  • By default using twitter in the query shows the twitter users of containerstore.com as shown below.

  • As shown above, here is the list of twitter accounts of containerstore.com. The above list of twitter users can be consider in the initial phase of information gathering.