PHP webdeveloper and frontend developer




Email harvesting of a domain using Linux Backtrack

Category : Mac and Apple stuff, Other · by Apr 13th, 2013

A while ago I wanted to scan which email addresses can be found by spambots because that domain received a lot of spam. You can prevent users from capturing your email addresses from your website by encrypting the characters with html or javascript. This tools can encrypt your email address with javascript http://hivelogic.com/enkoder/ and this website http://www.wbwip.com/wbw/emailencoder.html does this through using character entities.

To do an email harvesting scan you need to have Linux Backtrack installed. I installed this by using VirtualBox on my mac (which is free). You can download Backtrack 5 from their website.

Start of with opening the terminal in Backtrack and type msfconsole

Backtrack - extract email addresses (msfconsole)

After that type search_collector

Backtrack - extract email addresses (search collector)

This will show the available modules. Next you need to choose to use the search_email_collector module by typing use/auxiliary/gather/search_email_collector

Backtrack - extract email addresses (search_email_collector)

Now type show options

Backtrack - extract email addresses (show options)

Now you can set up the domain you want to scan for email addresses. You do this by typing set domain www.example.com

That’s it. You can now run the scan by doing run

This will output all found email addresses from your domain.

Backtrack - extract email addresses (run)

SHARE :

(1) Comment

George James
6 years ago · Reply

Great tutorial!! Just wondering if there was any way I could pull specefic emails from a domain. For example lets say I wanted to find the CFO of canons email Canon.com. Any help is decapitated. I tried jigsaw but it is unreliable.

Leave a Reply

Your email address will not be published. Required fields are marked *


s