Show Menu
Cheatography
  1. Home >
  2. Programming >

theHarvester OSINT Cheat Sheet Cheat Sheet (DRAFT) by

This cheat sheet provides a quick reference guide for theHarvester, an OSINT (Open Source Intelligence) tool used in penetration testing. It covers basic commands, options, and real-world use cases for gathering emails, subdomains, and other public data during reconnaissance.

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Basic Syntax

Command: theHar­vester -d domain -b source
Example: theHar­vester -d exampl­e.com -b google

Common Commands

Basic search: theHar­vester -d exampl­e.com -b google
Limit results: theHar­vester -d exampl­e.com -b google -l 50
Use Bing: theHar­vester -d exampl­e.com -b bing
Save output: theHar­vester -d exampl­e.com -b google -f result­s.html

Options

-d = target domain
-l = limit results
-b = data source
-f = save output
 
-s = start result number

Data Sources

google
linkedin
bing
github
yahoo
crtsh
 
dnsdum­pster

Real World Use

- Find employee emails
- Map attack surface
- Discover subdomains
- Gather public data

Overview

theHar­vester is an OSINT (Open Source Intell­igence) tool used during the reconn­ais­sance phase of penetr­ation testing. It gathers: - Email addresses - Subdomains - IP addresses - Hosts
Used for passive inform­ation gathering before active attacks. Helps identify: - Attack surface - Potential targets - Publicly exposed data
   

Notes

 
theHar­vester is used for OSINT reconn­ais­sance to gather public inform­ation about a target.