1
00:00:01,230 --> 00:00:06,540
Developed by Edge-Security, theHarvester is a command-line program written in Python, which is used to gather

2
00:00:06,540 --> 00:00:12,540
emails, subdomains, hosts, employee names, open ports and banners from different public sources

3
00:00:12,540 --> 00:00:16,860
like search engines, PGP keys and SHODAN computer databases.

4
00:00:17,700 --> 00:00:26,310
You can download theHarvester from its GitHub page, https://github.com/laramies.

5
00:00:26,310 --> 00:00:29,930
That's L-A-R-A-M-I-E-S, slash theHarvester.

6
00:00:30,360 --> 00:00:32,940
It's also embedded in Linux.

7
00:00:33,630 --> 00:00:37,380
When you run the script with no parameters, you can see the usage options.

8
00:00:38,670 --> 00:00:47,770
One of the usages of theHarvester tool is theHarvester -d domain name -l result limit

9
00:00:47,790 --> 00:00:48,990
-b data source.

10
00:00:49,950 --> 00:00:55,170
When the script finishes its job, you can see the results: emails and

11
00:00:56,450 --> 00:00:57,500
hosts found.

12
00:01:00,560 --> 00:01:05,540
Recon-ng is a full-featured web reconnaissance framework written in Python, complete with independent

13
00:01:05,540 --> 00:01:11,900
modules, database interaction, built-in convenience functions, interactive help and command completion.

14
00:01:12,900 --> 00:01:18,770
Recon-ng provides a powerful environment. Recon-ng has a look and feel similar to the Metasploit

15
00:01:18,810 --> 00:01:21,990
framework, reducing the learning curve for leveraging the framework.

16
00:01:22,710 --> 00:01:26,730
Recon-ng is designed exclusively for web-based open source reconnaissance.

17
00:01:27,120 --> 00:01:32,480
If you want to exploit, you can use the Metasploit Framework or any other exploitation tool.

18
00:01:33,090 --> 00:01:39,600
You can download the Recon-ng framework on the website seen on this slide, and it's already embedded

19
00:01:39,600 --> 00:01:41,520
and ready to use in Kali Linux.

20
00:01:46,690 --> 00:01:50,510
When you run the recon-ng script, you'll end up with a shell-like interface.

21
00:01:50,530 --> 00:01:55,930
Now you can use Recon-ng commands. Type help to see the available commands.

22
00:02:06,320 --> 00:02:09,140
Type show modules to see the available modules.

23
00:02:11,000 --> 00:02:13,160
As you can see, there are a lot of modules.

24
00:02:14,240 --> 00:02:19,880
You can use search commands to find the modules we need. For example, we can type search xss to

25
00:02:19,880 --> 00:02:26,570
find the module which is aimed to find out XSS vulnerabilities. Type use keyword with the module

26
00:02:26,570 --> 00:02:27,800
name to use the module.

27
00:02:28,310 --> 00:02:37,490
In this example, let's use the recon/domains-vulnerabilities/xssed module. To learn more

28
00:02:37,490 --> 00:02:39,320
about the module, type show info.

29
00:02:40,580 --> 00:02:47,390
This module checks the XSSed.com website for XSS records associated with the domain.

30
00:02:50,500 --> 00:02:57,510
Type show options to see the parameters of the module. Set the source parameter value, typing set source

31
00:02:57,670 --> 00:03:01,120
www.nhs.uk command.

32
00:03:04,710 --> 00:03:12,780
Type run to run the module. In this example, we found an XSS vulnerability for the nhs.uk website

33
00:03:13,020 --> 00:03:19,590
that was published in 2008. Even though we're almost sure it was fixed years ago, it's better to look and

34
00:03:19,590 --> 00:03:22,170
see if the vulnerability still exists.

