Follow ZDNET: Add us as a preferred source<!–> on Google.
ZDNET’s key takeaways
- Your online footprint can reveal information about you.
- Viewing your footprint can be an eye-opener.
- theHarvester tool is a powerful – and free – way to scan that footprint.
Your digital footprint is the trail of data you leave behind on the internet, including browsing history, social media posts, and online interactions.
It can be pretty disturbing what’s out there. The list of IP addresses and services associated with a URL you’ve visited can be eye-opening. If you want to find out exactly what your footprint looks like, there’s a handy Python tool called theHarvester that was created for this very thing.
Also: 11 ways to delete or hide yourself from the internet – and protect your privacy
theHarvester uses a large number of modules to pull off this task. You can view the complete list on theHarvester’s official GitHub page. Trust me when I tell you that the list is extensive.
I installed and ran theHarvester to check out my digital footprint associated with Google.com and was shocked by what it reported. The number of IP addresses linked between my home network’s WAN address and those connected to Google.com was astonishing. Once the scan was complete, it took me two minutes to scroll back to the top of the list.
Whew.
theHarvester isn’t quite the easiest tool to use, and it’s command line only, but if you’re comfortable installing an app using Python’s PIP package manager, you shouldn’t have any trouble with this tool.
Let me show you how theHarvester is installed and used.
Installing theHarvester
What you’ll need: The only thing you’ll need to install theHarvester is Python 3, Python PIP, and Python VENV installed on your operation system of choice – Linux, MacOS, or Windows. Since installing Python on each operating system varies, I will demonstrate how to install everything on a Ubuntu-based distribution (Pop!_OS, to be exact).
The first thing to do is open your terminal window and install Python and Python PIP with the following command:
Show more
sudo apt-get install python3 python3-pip -y
Next, we need to install the Python virtual environment package, which is done with the following command:
Show more
sudp apt-get install python3-venv -y
You’ll also need to install git, which is done with:
Show more
sudo apt-get install git -y
It’s now time to install theHarvester. First, you have to clone the necessary Git repository with:
Show more
git clone https://github.com/laramies/theHarvester.git
Change into the newly created directory with:
cd theHarvester
Also: The best data removal services: Delete yourself from the internet
Enable the Python virtual environment with the following two commands:
python3 -m venv venv
source venv/bin/activate
Install theHarvester with:
pip install
You can verify the installation with:
theHarvester -h
You should see a list of command-line options for the app.
Using theHarvester
Using theHarvester is fairly straightforward. Let’s say you want to scan google.com. To do that, issue the command:
theHarvester -d google.com -b all -l 100
Here’s a breakdown of the command:
- theHarvester – the executable to be run
- -d – what follows is the domain you want to scan.
- -b all – the sources you want to use (such as baidu, bevigil, brave, etc). When declaring all, theHarvester uses all available sources.
- -l 100 – limits the number of search results to 100 (the default is 500).
The scan will take some time to run. When it completes, you’ll see a laundry list of emails, subdomains, hostnames, IP addresses, and sources.
Also: How to secure your home and office network: The best DNS blockers and firewalls
In my results, I didn’t see many email addresses, but as far as hostnames and IP addresses, there was a substantial number listed. When the google.com scan came back with only domains, subdomains, and IP addresses, I decided to run the scan on a domain I own. This time around, the results weren’t nearly as intimidating; however, it did include two IP addresses, four email addresses, and 40 different hosts.
What can you do?
Totally removing your online footprint is a very challenging task. One way to limit it is to deactivate subdomains you no longer use (my results listed several subdomains that are no longer active) and email addresses you no longer need.
Another handy trick is to use email aliases, such as those from:
Finally, you can also hide domain registration details. You can use a WHOIS lookup service to find out any information associated with domains you own.
Source: Networking - zdnet.com
