# Install theharvester with Homebrew, Nix

Gather materials from public sources (for pen testers). Version 4.11.1 via Homebrew; verified 2026-06-16.

## Install

```sh
sudo av install brew:theharvester
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install theharvester
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#theharvester
```

  Evidence: nixpkgs package indexes: pkgs/by-name/th/theharvester/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:theharvester
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/theharvester>
- **Version:** 4.11.1
- **Source summary:** Gather materials from public sources (for pen testers)
- **Homepage:** <https://www.edge-security.com>
- **Repository:** <https://github.com/laramies/theHarvester>
- **Upstream docs:** <https://github.com/laramies/theHarvester#readme>
- **License:** GPL-2.0-only
- **Source archive:** <https://github.com/laramies/theHarvester/archive/refs/tags/4.11.1.tar.gz>
- **Last updated:** 2026-06-16T13:15:41Z
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- restfulHarvest (cli)
- theHarvester (cli)
- theharvester (cli)
- restfulHarvest (alias)
- theHarvester (alias)
- theharvester (alias)

## Dependencies

- certifi
- cffi
- libyaml
- pydantic
- python@3.14

## Build dependencies

- cmake

## Uses from macOS

- libffi
- libxml2
- libxslt

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 4.11.1
- Package-manager updated: 2026-06-16
- Local data: ok
- Upstream repository: https://github.com/laramies/theHarvester
- Upstream latest detected: 4.11.1 (current)
## Project history and usage

theHarvester is an OSINT and reconnaissance tool for gathering emails, names, subdomains, IPs, and URLs from public data sources during the early stages of a penetration test. The official wiki describes it as simple but effective for mapping an organization's external threat landscape.

### Project history

The project is maintained in the laramies/theHarvester repository and is described by its README as an emails, subdomains, and names harvester for OSINT. Over time it has become a Python security tool with a long module list: the README enumerates passive data sources such as search engines, certificate transparency services, threat-intelligence APIs, code search, and internet-exposure databases.

### Adoption history

The official installation wiki explicitly says the easiest way to use theHarvester is through Kali Linux, where users can run `theHarvester -h`. The same page also documents pipx, Docker, and source-based installation, while the repository page shows a large GitHub audience and dozens of official releases. In package-manager culture, its presence in Homebrew and Nix gives macOS and reproducible-environment users a route to a tool historically associated with security distributions.

### How it is used

Typical use is passive reconnaissance: users configure API keys when needed, select modules or data sources, and collect public-facing identifiers for a target domain. The README's passive module list shows why API-key management matters: many useful sources have quotas, pricing, or authenticated access, and the wiki documents where `api-keys.yaml` lives under packaged and cloned installs.

### Why package nerds care

theHarvester matters to package nerds because it is a classic security CLI that crosses the boundary between specialist pentest distros and general-purpose package managers. A Homebrew formula turns a Kali-associated recon workflow into a one-command install on macOS, while the tool's module list creates a constant packaging concern around Python dependencies, browser automation, and optional API credentials.

### Timeline

- 2020: Official GitHub wiki home page revision describes the tool's early-pentest OSINT role.
- 2025-2026: Official GitHub tags page shows active 4.x releases.
- 2026: Installation wiki documents Kali, pipx, Docker, and source workflows.
- 2026: Repository page shows release 4.11.1 as the latest release on June 3, 2026.

### Related projects

- Related tools include other OSINT and recon CLIs such as subdomain enumerators, certificate-transparency query tools, internet search APIs, Shodan-like asset search tools, and Kali Linux reconnaissance utilities. theHarvester's niche is aggregating many public sources behind one command-line interface.

### Sources

- <https://github.com/laramies/theHarvester#readme - official README for install/run commands, passive modules, contributors, topics, releases, and project description.>
- <https://github.com/laramies/theHarvester/tags - official GitHub tags page for 4.x release timeline.>
- <https://github.com/laramies/theHarvester/wiki - official wiki description of purpose and early penetration-test use.>
- <https://github.com/laramies/theHarvester/wiki/Installation - official installation and API-key location notes, including Kali, pipx, Docker, source install, and api-keys paths.>


## Security Notes

No matching local secret-handling manifest was found for theharvester. Nucleus package metadata is still published here so future coverage has a stable package URL.



## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Credential files

- Linux: /etc/theHarvester/api-keys.yml, api-keys.yaml
- macOS: /usr/local/etc/theharvester/api-keys.yaml, api-keys.yaml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** theharvester
- **Version Scheme:** 0
- **Revision:** 1
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - theharvester: normalized package name match | nixpkgs package indexes: pkgs/by-name/th/theharvester/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Homebrew utility packages](https://www.automicvault.com/pkg/brew-utility-packages/) - Matched Homebrew package provider.
- [cffi](https://www.automicvault.com/pkg/brew/cffi/) - Runtime dependency declared by Homebrew.
- [python@3.14](https://www.automicvault.com/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [cmake](https://www.automicvault.com/pkg/brew/cmake/) - Build dependency declared by Homebrew.
- [amass](https://www.automicvault.com/pkg/brew/amass/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [bbot](https://www.automicvault.com/pkg/brew/bbot/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [favirecon](https://www.automicvault.com/pkg/brew/favirecon/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [recon-ng](https://www.automicvault.com/pkg/brew/recon-ng/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [subfinder](https://www.automicvault.com/pkg/brew/subfinder/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [uncover](https://www.automicvault.com/pkg/brew/uncover/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [csprecon](https://www.automicvault.com/pkg/brew/csprecon/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [findomain](https://www.automicvault.com/pkg/brew/findomain/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [pocsuite3](https://www.automicvault.com/pkg/brew/pocsuite3/) - Both packages touch the same language runtime or ecosystem. Shared terms: certifi, cli, libyaml, penetration, penetration-testing.

## Combined YAML source

View the package source record on GitHub. [combined/theharvester.yml](https://github.com/automic-vault/db/blob/main/combined/theharvester.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
