This week is more exciting, since we start to use the tools in Kali Linux. The tools we used are for searching information on our target, these information such as email, phone number, and sub domains related to our target is very useful for further step of pentesting.

The first tool is theHarvester which is very easy to use. to use theHarvester, we just need to type ‘theharvester’ followed by ‘-d’ followed by our target’s domain, then ‘-b’ followed by the source where theHarvester will try to crawl for informations on our target (may be google, facebook, twitter). There’s also additional functions such as ‘-l’ to specify the limit of results we want to display.

Another tool is whois, it is more to get the information on who owns our target and their social information.

Another useful tool with better GUI than theHarvester is maltego, maltego is more graphical than theHarvester due to it’s GUI, but we need to sign up first to use maltego.