Sec-Track

theHarvester (Desarrollada por Edge-Security) es una herramienta que permite recolectar direcciones electrónicas (e-mails) y nombres de usuarios desde fuentes públicas.

Estas son:

Google (e-mails), Bing search (e-mails), PgP servers (e-mails) y Linkedin (user names)

El objetivo de este proceso será el de recolectar información  (correos electrónicos / nombres de usuarios) referente a un determinado objetivo (dominio) en tareas relacionadas con los test de penetración o ethical hacking. Ya que dicha información permitirá realizar ataques más sofisticados y relacionados directamente con la ingeniería social.

Veamos:

Primero descargamos la herramienta theHarvester (script desarrollado en Python)

root@bt:~/Sec-Track/Tools/Information Gathering/theHarvester# ls
COPYING  LICENSES  README  theHarvester.py

Modo de uso:

root@bt:~/Sec-Track/Tools/Information Gathering/theHarvester# ./theHarvester.py
*************************************
*TheHarvester Ver. 1.5              *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*cmartorella@edge-security.com      *
*************************************
Usage: theharvester options

-d: domain to search or company name
-b: data source (google,bing,pgp,linkedin)
-l: limit the number of results to work with(bing goes from 50 to 50 results,
google 100 to 100, and pgp does’nt use this option)

Examples:./theharvester.py -d microsoft.com -l 500 -b google
./theharvester.py -d microsoft.com -b pgp
./theharvester.py -d microsoft -l 200 -b linkedin

Ahora relicemos una consulta con google como fuente pública:

root@bt:~/Sec-Track/Tools/Information Gathering/theHarvester# ./theHarvester.py -d informatica64.com -l 500 -b google

*************************************
*TheHarvester Ver. 1.5              *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*cmartorella@edge-security.com      *
*************************************
Searching for informatica64.com in google :
======================================

Total results:  26900
Limit:  500
Searching results: 0
Searching results: 100
Searching results: 200
Searching results: 300
Searching results: 400

Accounts found:
====================

@informatica64.com
amartin@informatica64.com
chema@informatica64.com
rodol@informatica64.com
calendariotorrido@informatica64.com
[registro@informatica64.com
registro@informatica64.com
jsaenz@informatica64.com
jlrambla@informatica64.com
i64@informatica64.com
ralonso@informatica64.com
plaguna@informatica64.com
igor@informatica64.com
Chema@informatica64.com
technews@informatica64.com
gema@informatica64.com
amigosdelafoca@informatica64.com
sbordon@informatica64.com
[chema@informatica64.com
====================

Total results:  19

Ahora relicemos una consulta con bing como fuente pública:

root@bt:~/Sec-Track/Tools/Information Gathering/theHarvester# ./theHarvester.py -d informatica64.com -l 500 -b bing

*************************************
*TheHarvester Ver. 1.5              *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*cmartorella@edge-security.com      *
*************************************
Searching for informatica64.com in bing :
======================================

Total results:  489
Limit:  489
Searching results: 0
Searching results: 50
Searching results: 100
Searching results: 150
Searching results: 200
Searching results: 250
Searching results: 300
Searching results: 350
Searching results: 400
Searching results: 450

Accounts found:
====================

@informatica64.com
chema@informatica64.com
amartin@informatica64.com
i64@informatica64.com
jsaenz@informatica64.com
[registro@informatica64.com
registro@informatica64.com
mfernandez@informatica64.com
calendariotorrido@informatica64.com
jalonso@informatica64.com
rodol@informatica64.com
jmalonso@informatica64.com
sbordon@informatica64.com
====================

Total results:  13

Más información y descarga de la herramienta theHarvester >>