Introduction
In this tutorial, we'll cover how to use theHarvester to collect emails and subdomains from an ethical target (e.g., your own domain). Key OSINT tool for Red Team sims, but always with permission. We use Kali 2025.
Installation and Setup
If you don't have it, install on Kali:
sudo apt update sudo apt install theharvester
Update sources (optional, for more data):
theHarvester --update
Basic Usage: Collect Emails
Example: Target "example.com" (swap for an ethical one).
theHarvester -d example.com -l 500 -b google,linkedin,bing
Flag explanations:
-d: Target domain.-l: Result limit (500 max per source).-b: Sources (google, linkedin, etc.; full list with--help).
Output: Emails like "admin@example.com", hosts like "sub.example.com".
Advanced Usage: Export and Filter
Export to CSV for analysis:
theHarvester -d example.com -l 500 -b all -f output.csv
Filter with grep (e.g., emails only):
cat output.csv | grep '@'
Ethical tip: Use in labs or with consent; integrate into your TFG for phishing sims (e.g., generate payloads with collected emails).
Conclusion
With theHarvester, speed up your OSINT recon. Practice on your own VM. Next tutorial: Integrate with Maltego. Share your output in comments (anonymized)! 🐾⚡