As a freelance OSINT (Open Source Intelligence) engineer, I've encountered my fair share of intriguing and sometimes harrowing cases. One such case involved a client, who we will call Jane, who reached out to me in a state of sheer panic. Her ex-boyfriend had been stalking her relentlessly, and despite changing her contact information and social media profiles multiple times, he always seemed to find her. She felt trapped and was desperate for a solution. That's where I stepped in, armed with one of my most reliable tools—The Harvester.

Unraveling the Digital Trail

The Harvester is a powerful OSINT tool designed for information gathering from public sources. Initially developed by Christian Martorella and included by default in Kali Linux, it's a staple for professionals like me during the reconnaissance stage of penetration testing or red team assessments. However, in Jane's case, it became a lifeline.

Jane had done everything by the book: changing her email, phone number, and even deactivating her social media accounts. Yet, her ex-boyfriend always managed to find her. It was clear he was using advanced methods to track her down. My mission was to discover how he was doing it and to help Jane regain her sense of security.

Deploying The Harvester

The first step was to use The Harvester to gather as much information as possible about Jane's online footprint. The tool is incredibly efficient at pulling data from various public sources, including search engines, PGP key servers, and the SHODAN computer database. It can collect email addresses, subdomains, hosts, employee names, open ports, and banners—exactly the kind of data that could reveal how Jane's stalker was operating.

I started with a basic command to gather information from Google:

bash
theHarvester -d janedoe.com -b google -l 500

This command instructed The Harvester to search for any information related to Jane's domain name from Google, limiting the results to 500 entries. The results were eye-opening. Not only did I find multiple email addresses linked to Jane, but also several subdomains and hostnames that were likely being used by her ex-boyfriend to track her.

Digging Deeper

Next, I expanded the search to include all available sources:

bash
theHarvester -d janedoe.com -b all -l 500

The Harvester's ability to perform DNS brute force, reverse IP resolution, and TLD (Top-Level Domain) expansion revealed even more about Jane's digital presence. I discovered that her ex-boyfriend was using sophisticated DNS techniques to map out her digital movements. This included monitoring her new email addresses and social media accounts through obscure subdomains and linked accounts.

Identifying Vulnerabilities

The Harvester also allowed me to perform port scans to identify any open ports and potential vulnerabilities:

bash
theHarvester -d janedoe.com -b google -l 500 -f results.html

This command saved the results in an HTML file for easier analysis. The port scans showed several open ports that were being exploited, likely to gain unauthorized access to Jane's devices and accounts.

Closing the Loopholes

Armed with this comprehensive data, I worked with Jane to close these digital loopholes. We secured her online presence by shutting down vulnerable subdomains, closing unnecessary open ports, and setting up more robust security protocols for her email and social media accounts. We also used The Harvester to ensure that no new vulnerabilities had been introduced.

A New Dawn

The transformation was remarkable. With her digital footprint secured, Jane finally felt safe again. Her ex-boyfriend's attempts to track her ceased, and she could resume her life without the constant fear of being watched.

Conclusion

The Harvester proved to be an invaluable tool in this journey. Its extensive search engine support, DNS and network analysis capabilities, and ability to gather detailed information from public sources made it an essential ally in protecting Jane. For anyone involved in OSINT, penetration testing, or cybersecurity, The Harvester is a must-have tool, offering a robust solution for gathering and analyzing data to uncover potential threats and vulnerabilities. Be sure to check out our upcoming webinar here.