Information Gathering, Metasploit, Reconnaissance

Email harvesting with Metasploit

Email harvesting is the process of obtaining lists of email addresses using various methods. You can check on your own what emails, attackers are going to find about your domain using Metasploit’s module, Search Engine Domain Email Address Collector. This module uses Google, Bing and Yahoo to create a list of valid email addresses for the target domain. This tool is very useful in automated information gathering during a penetration test.

Select auxiliary module:

use auxiliary/gather/search_email_collector

Show options:

show options

Set Domain:

set domain

Set Output File (Save results):

set output /myuser/reports/results_file