Automic VaultAutomic Vault

brew

Install theharvester with Homebrew, Nix

Gather materials from public sources (for pen testers). Version 4.11.1 via Homebrew; verified 2026-06-16.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install theharvester

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#theharvester

nixpkgs package indexes · pkgs/by-name/th/theharvester/package.nix · source: api.github.com

overview

Package summary

Gather materials from public sources (for pen testers)

Commands and aliases

  • restfulHarvest
  • theHarvester
  • theharvester

history

Project history and usage

theHarvester is an OSINT and reconnaissance tool for gathering emails, names, subdomains, IPs, and URLs from public data sources during the early stages of a penetration test. The official wiki describes it as simple but effective for mapping an organization's external threat landscape.

Project history

The project is maintained in the laramies/theHarvester repository and is described by its README as an emails, subdomains, and names harvester for OSINT. Over time it has become a Python security tool with a long module list: the README enumerates passive data sources such as search engines, certificate transparency services, threat-intelligence APIs, code search, and internet-exposure databases.

Adoption history

The official installation wiki explicitly says the easiest way to use theHarvester is through Kali Linux, where users can run `theHarvester -h`. The same page also documents pipx, Docker, and source-based installation, while the repository page shows a large GitHub audience and dozens of official releases. In package-manager culture, its presence in Homebrew and Nix gives macOS and reproducible-environment users a route to a tool historically associated with security distributions.

How it is used

Typical use is passive reconnaissance: users configure API keys when needed, select modules or data sources, and collect public-facing identifiers for a target domain. The README's passive module list shows why API-key management matters: many useful sources have quotas, pricing, or authenticated access, and the wiki documents where `api-keys.yaml` lives under packaged and cloned installs.

Why package nerds care

theHarvester matters to package nerds because it is a classic security CLI that crosses the boundary between specialist pentest distros and general-purpose package managers. A Homebrew formula turns a Kali-associated recon workflow into a one-command install on macOS, while the tool's module list creates a constant packaging concern around Python dependencies, browser automation, and optional API credentials.

Timeline

  • 2020: Official GitHub wiki home page revision describes the tool's early-pentest OSINT role.
  • 2025-2026: Official GitHub tags page shows active 4.x releases.
  • 2026: Installation wiki documents Kali, pipx, Docker, and source workflows.
  • 2026: Repository page shows release 4.11.1 as the latest release on June 3, 2026.

Related projects

  • Related tools include other OSINT and recon CLIs such as subdomain enumerators, certificate-transparency query tools, internet search APIs, Shodan-like asset search tools, and Kali Linux reconnaissance utilities. theHarvester's niche is aggregating many public sources behind one command-line interface.

Sources

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for theharvester. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 5 runtime dependencies.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Credential files

Credential-bearing paths to review before unattended agent runs.

Linux
/etc/theHarvester/api-keys.ymlapi-keys.yaml
macOS
/usr/local/etc/theharvester/api-keys.yamlapi-keys.yaml

executables

Installed executables

CommandKindExposureNote
restfulHarvestcliglobal executable
theHarvestercliglobal executable
theharvestercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version4.11.1
manager updated2026-06-16
local dataok
upstreamcurrent
latest detected4.11.1

https://github.com/laramies/theHarvester

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:theharvester
Version4.11.1
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/theharvester
Homepagehttps://www.edge-security.com
Repositoryhttps://github.com/laramies/theHarvester
Upstream docshttps://github.com/laramies/theHarvester#readme
LicenseGPL-2.0-only
Source archivehttps://github.com/laramies/theHarvester/archive/refs/tags/4.11.1.tar.gz
Last updated2026-06-16T13:15:41Z
Pulseupdated
Dependenciescertifi, cffi, libyaml, pydantic, python@3.14
Build dependenciescmake
Uses from macOSlibffi, libxml2, libxslt
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nametheharvester
Version Scheme0
Revision1
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

theharvester

nix profile install nixpkgs#theharvester
  • normalized package name match
  • Matched by: Theharvester
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/th/theharvester/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment