Find employees working in a company


Harvester an OSINT tool, written by Christian Martorella. Harvester allows to gather information like email addresses, sub domains all from public resources. This tool mostly lookups on sites like- Google, Bing, LinkedIn and Shodan.

According to ethical hacker of international institute of cyber security theharvester is used in advance information gathering tool. This tool is quite useful for the pentesters.


  • Type theharvester in linux terminal.



  • Type theharvester -d -b google as shown below:-

-d to search for the domain name.

-b data source that will used for searching, here we are using google data souce

  • As shown above after searching for the target domain. It shows host and email that are found on the google.
  • You can set your own data source by choosing your desired data source.



  • Type theharvester -d -b bing -v

-d means to search for domain name.

-b means data source like – google, bing, twitter.

-v search for virtual hosts and use dns resolution for verifying host name.

  • In the above virtual host scans, there could be a thousands of domains might resolving same ip address as these domain are hosted on same third party web hosting provider,.
  • Attacker could use these sites for SQL injection vulnerability. An attacker may target first site for gathering information and second site for Sql injection.



Type theharvester -d -b twitter.

  • By default using twitter in the query shows the twitter users of as shown below.

  • As shown above, here is the list of twitter accounts of The above list of twitter users can be consider in the initial phase of information gathering.