Penetration Testing With Kali Linux
In our courses Learn The Basics of Ethical Hacking and Penetration Testing with Kali Linux on Section 2 Real World Information Intelligence Techniques we explain to you how to Harvesting a Company Emails.
Email spools can often lead to wealth of information that could include :
- Competitive intelligence
- Company Financials
- Potential Attack Vectors
With the proliferation of online email, there is the potential to be able to gain access to an employee’s. Beyond information gathering, a penetration tester can use access to employee email spools to show impact of penetration.
HBGray, Infrag and Sony are illustrations of how dangerous an email compromise can be.
The tedious work of email analysis is more of a Red Teaming function.
HowTo Harvesting a Company Email with theHarvester
theHarvester : The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database.
theHarvester on Kali Linux it’s already installed, open your terminal and type ” theharvester “.
Usage Example of theHarvester on Kali Linux : Search from email addresses from a domain (-d kali.org), limiting the results to 500 (-l 500), using Google (-b google)
root@kali:~# theharvester -d kali.org -l 500 -b google
If you have encountered a problem or you have any questions or remarks please feel free to set a comment.
If this article helped you to solve your problem please feel free to Share it with your friends.
With Love and Prosperity K4LINUX-TEAM.