theHarvester: a Classic Open Source Intelligence Tool
| posted by shirelywang in : workplace | No comments |

Although there might be a handful of proprietary tools out there with this capability, the spirit of open source is on full-display in the tool we are reviewing today. theHarvester is super-simple to install and obtains its data from a dozen plus sources, paid and free. The good news is tha it includes a native integration with the SecurityTrails API™.

What is theHarvester? theHarvester (purposely spelt with a lower-case ‘t’ at the beginning) is a commandline-based tool made by the team at Edge-Security. It is a Python-based tool meant to be used in the initial stages of an investigation by leveraging open source Intelligence (OSINT) to help determine a company’s external threat landscape on the internet.

The tool was originally designed to be used in the early stages of a penetration test or red team engagement. However, the passive reconnaissance abilities of theHarvester also make it suitable for blue or purple teams, depending on the situation.


You must log in or register to comment.

There's nothing here…