macOS
brew install theharvesterlocal Homebrew formula metadata
brew
Gather materials from public sources (for pen testers). Version 4.11.1 via Homebrew; verified 2026-06-16.
install
brew install theharvesterlocal Homebrew formula metadata
nix profile install nixpkgs#theharvesternixpkgs package indexes · pkgs/by-name/th/theharvester/package.nix · source: api.github.com
overview
Gather materials from public sources (for pen testers)
history
theHarvester is an OSINT and reconnaissance tool for gathering emails, names, subdomains, IPs, and URLs from public data sources during the early stages of a penetration test. The official wiki describes it as simple but effective for mapping an organization's external threat landscape.
The project is maintained in the laramies/theHarvester repository and is described by its README as an emails, subdomains, and names harvester for OSINT. Over time it has become a Python security tool with a long module list: the README enumerates passive data sources such as search engines, certificate transparency services, threat-intelligence APIs, code search, and internet-exposure databases.
The official installation wiki explicitly says the easiest way to use theHarvester is through Kali Linux, where users can run `theHarvester -h`. The same page also documents pipx, Docker, and source-based installation, while the repository page shows a large GitHub audience and dozens of official releases. In package-manager culture, its presence in Homebrew and Nix gives macOS and reproducible-environment users a route to a tool historically associated with security distributions.
Typical use is passive reconnaissance: users configure API keys when needed, select modules or data sources, and collect public-facing identifiers for a target domain. The README's passive module list shows why API-key management matters: many useful sources have quotas, pricing, or authenticated access, and the wiki documents where `api-keys.yaml` lives under packaged and cloned installs.
theHarvester matters to package nerds because it is a classic security CLI that crosses the boundary between specialist pentest distros and general-purpose package managers. A Homebrew formula turns a Kali-associated recon workflow into a one-command install on macOS, while the tool's module list creates a constant packaging concern around Python dependencies, browser automation, and optional API credentials.
security posture
No matching local secret-handling manifest was found for theharvester. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Credential-bearing paths to review before unattended agent runs.
/etc/theHarvester/api-keys.ymlapi-keys.yaml/usr/local/etc/theharvester/api-keys.yamlapi-keys.yamlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
restfulHarvest | cli | global executable | |
theHarvester | cli | global executable | |
theharvester | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/laramies/theHarvester
install metadata
| Package key | brew:theharvester |
|---|---|
| Version | 4.11.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/theharvester |
| Homepage | https://www.edge-security.com |
| Repository | https://github.com/laramies/theHarvester |
| Upstream docs | https://github.com/laramies/theHarvester#readme |
| License | GPL-2.0-only |
| Source archive | https://github.com/laramies/theHarvester/archive/refs/tags/4.11.1.tar.gz |
| Last updated | 2026-06-16T13:15:41Z |
| Pulse | updated |
| Dependencies | certifi, cffi, libyaml, pydantic, python@3.14 |
| Build dependencies | cmake |
| Uses from macOS | libffi, libxml2, libxslt |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | theharvester |
| Version Scheme | 0 |
| Revision | 1 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
theharvester
nix profile install nixpkgs#theharvestersource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.