TheHarvester and Datasploit OSINT tool comparisons

As far as I know there are lots of OSINT(Open-source Intelligent) tools out there ready to be used for different information gathering purposes. Some can be used on the web online or others can be installed and used on your PC, some to the same thing, while others slightly do different things all in all they can't be used to gather information from the web.

Perhaps you have heard of theHarvester and Datasploit All are OSINT tools written in one programming language Python. Today am going to show some basic difference between this tool popular OSINT tool.

theHarvester

theHarvester is a very simple, yet effective tool designed to be used in the early stages of a penetration test. It can be used for open source intelligence gathering and helping to determine a company's external threat landscape on the internet.

Features of the harvester

• Find emails
• Find sub domains
• Basic port scanner( written in python )
• Find people from social networks
  and more and more features available

Datasploit

A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.
Public source comparison

Public source

Datasploit
18

theHarvester
28

Integrations

Many python tools can easily integrate with other tools written and designed for python, now we want to look into the simplicity of integration for both theharvester and datasploit.

One of the things hindering datasploit integration is it support for an old version of python that is python2, we all know that python2 is coming to it’s end of life(EOL) in january of 2020.

As for theharvester it is written in python 3 and it supports all latest python3 features that’s a win win for theharvester

Using theharvester in other python3 scripts

import theHarvester
from theHarvester.discovery import baidusearch
from theHarvester.discovery import bingsearch
from theHarvester.discovery import dnsdumpster
from theHarvester.discovery import googlesearch
#....and more....
# or
# from theHarvester.discovery import 

baidu = baidusearch.SearchBaidu("nmmapper.com", 100)
baidu.do_search()
# Each discovery engine has it's own method
# not all have get_emails
emails = baidu.get_emails()
hostnames = baidu.get_hostnames()
# That's how you can use theHarvester in any other python3 module.

That is how we managed to integrate theharvester online It’s really easy to integrate it with any python3 scripts for automation

Using datasploit in other python2.7 script

import datasploit
data = datasploit.username.username_gitscrape.main(“latest-release”)
datasploit.username.username_gitscrape.output(data)

It has support for python2 we want to integrate this tool also on our online service, at https://www.nmmapper.com

As you can see the difference, they can both support integration with other python scripts in appropriate python versions.

Both tools can be used as stand alone scripts, in fact that’s their main design to be used in stand alone instead of integration like modules.

Notable features of Datasploit

There are unique features that datasploit has, that theharvester does not seem to have. With datasploit you can scrounge the following information unique to itself;

• Phone number
• Bitcoin addresses

This is unique to datasploit alone, this makes it stand out from there OSINT tool competition. As an addition, you can even generate reports in HTML and JSON format along with text files.

In conclusion it seems that theharvester has an upper hand because of it’s latest support for python3