The Harvester
1
theHarvester -d megacorpone.com -b google
The Harvester doesn’t works really well on newer versions of Kali, use the docker image if that is the case.
1
docker run -ti --rm theharvester:latest
HaveIbeenPwned
Tool to get information about e-mails that are involved on have i been pwned
Snusbase
Along with HaveIbeenPwned this site is useful to collect passwords (one week costs $7 USD life time account $333).
If you find an e-mail with HaveIBeenPwned and you are in a Red Team, this tools might be really helpful to gather leaked passwords.
CrossLinked
crosslinked is a tool to gather emails from LinkedIn using both first name and last name
You should first find a valid e-mail to craft users such as
shuciran.naka@mycompany.com
Then the format of the command would be like:
1
python3 crosslinked.py -f '{first}.{last}@mycompany.com' mycompany