1
00:00:00,500 --> 00:00:06,290
Welcome back, and in this bonus video, we're going to be covering the tool that I created in Python

2
00:00:06,290 --> 00:00:08,720
three that is used together, emails.

3
00:00:09,690 --> 00:00:13,630
Now, even though later in the course we will be quoting some of our own fighting tools.

4
00:00:14,010 --> 00:00:15,650
This is one that we will not code.

5
00:00:15,660 --> 00:00:17,520
So we'll just see how it works.

6
00:00:17,550 --> 00:00:22,850
I will explain how it works, of course, and we are going to see how many emails it can gather.

7
00:00:23,460 --> 00:00:26,550
So this is the tool right here called email scraper.

8
00:00:27,150 --> 00:00:30,710
And you will have this to download in the resources of this lecture.

9
00:00:31,410 --> 00:00:34,800
But let me show you how you can transfer it on the clinic's desktop.

10
00:00:35,660 --> 00:00:43,940
If you go up here on the devices and you go on drag and drop and click on Bidirectional, then anything

11
00:00:43,940 --> 00:00:51,200
that you have on your desktop since I had the program right here, if you go and track it to your Linux

12
00:00:51,200 --> 00:00:55,010
machine, it will get moved onto your desktop.

13
00:00:55,400 --> 00:01:00,200
As you can see right here, this folder already contains this file since I already have it on my desktop.

14
00:01:00,200 --> 00:01:01,280
So I'll just skip this.

15
00:01:02,270 --> 00:01:07,760
But you, after setting this to bidirectional, can transfer any file from your host desktop to your

16
00:01:07,970 --> 00:01:08,690
Linux desktop.

17
00:01:09,290 --> 00:01:10,010
OK, good.

18
00:01:10,220 --> 00:01:15,220
Now that we know how we can transfer it, let us see what this tool is and how we can run it.

19
00:01:16,010 --> 00:01:21,380
So just to check out the code of this tool real quick, let us double click on it and let me enlarge

20
00:01:21,380 --> 00:01:22,040
all of this.

21
00:01:22,910 --> 00:01:30,710
And what this tool essentially does is it asks us for the euro and we provide it with the earl of a

22
00:01:30,710 --> 00:01:31,570
certain domain name.

23
00:01:32,150 --> 00:01:39,500
Then what this tool does is it tries to extract all of the emails that are in the HTML page of the URL

24
00:01:39,500 --> 00:01:40,390
that you specified.

25
00:01:40,760 --> 00:01:46,940
But what it also does is it tries to crawl within other URLs that are found inside of that page.

26
00:01:47,540 --> 00:01:53,360
For example, discount variable right here that is equal to one hundred means that we will be searching

27
00:01:53,360 --> 00:01:56,330
for emails in one hundred different links.

28
00:01:56,660 --> 00:02:00,370
So you specify the main euro, then it goes to that euro.

29
00:02:00,650 --> 00:02:06,590
It extracts all of the emails, but it also extracts all of the other URLs that are leading to different

30
00:02:06,590 --> 00:02:07,040
pages.

31
00:02:07,520 --> 00:02:11,130
Then it goes to those different pages and performs the same thing.

32
00:02:11,150 --> 00:02:15,230
It tries to find emails and it also finds more URLs.

33
00:02:15,890 --> 00:02:19,220
And it does that until it reaches one hundred URLs.

34
00:02:19,940 --> 00:02:22,490
This is a number that you can change if you want to.

35
00:02:22,490 --> 00:02:28,640
So you can set this to be lower or higher depending on how much results you want to find down here.

36
00:02:28,640 --> 00:02:32,880
We can see that it is finding those emails using FedEx.

37
00:02:33,770 --> 00:02:36,190
So this is the pattern that we are searching for.

38
00:02:36,200 --> 00:02:41,870
And don't worry, if you don't understand any of this is just a way for us to find certain patterns

39
00:02:41,870 --> 00:02:43,430
in a lot of text.

40
00:02:43,550 --> 00:02:49,640
So, for example, this is a pattern that will allow us to find emails in the HTML code of the page.

41
00:02:50,910 --> 00:02:58,710
And then we at the end of this print, all of the emails that we found, so that is the basic principle

42
00:02:58,710 --> 00:03:05,700
behind this, to let us see how it runs and whether we manage to find more emails than we did with Hunter

43
00:03:05,700 --> 00:03:07,600
Dot, Io and the Covestor.

44
00:03:08,240 --> 00:03:09,330
So let's close this.

45
00:03:10,260 --> 00:03:17,550
Go to our terminal, find where you have this file, download it and I have it on my desktop, and to

46
00:03:17,550 --> 00:03:21,570
just run it, we can type fight on three and then the name of the file.

47
00:03:23,020 --> 00:03:28,570
It will tell us and to target your skin and here I'm going to specify the full URL.

48
00:03:29,810 --> 00:03:35,480
To the same domain name that we used for the Harvester and Hunter, that Io, just so we can compare

49
00:03:35,480 --> 00:03:40,260
how many results we get with this tool and how many results we got, we can't that I.

50
00:03:40,280 --> 00:03:41,860
Oh, and the harvester.

51
00:03:42,440 --> 00:03:47,780
So if I type the domain name and press here, enter.

52
00:03:49,340 --> 00:03:52,370
This will go and process one hundred things.

53
00:03:53,730 --> 00:03:59,970
And depending on whether you change that number, it might be higher or lower, and at the end of processing

54
00:03:59,970 --> 00:04:03,810
these links, it will print out all of the emails that it managed to find.

55
00:04:04,850 --> 00:04:09,950
So if you remember, we hunter that Eyo, the website that we used with the free account, we managed

56
00:04:09,950 --> 00:04:13,680
to gather 10 different emails with the Harvester.

57
00:04:13,700 --> 00:04:19,280
First time we didn't manage to get any email, but after running it a couple of times, we might be

58
00:04:19,280 --> 00:04:22,960
able to get around 10 to 15 different emails with the harvester.

59
00:04:23,780 --> 00:04:26,270
But let's see how many this total will find.

60
00:04:26,480 --> 00:04:30,250
So let's just wait for this to finish and I will get back to you as soon as it's done.

61
00:04:31,320 --> 00:04:36,600
OK, so the tunnel has finished scanning and here all of the emails that we managed to find.

62
00:04:36,810 --> 00:04:43,010
You can see there is at least 100 or 150 of them and they all belong to the same domain.

63
00:04:43,830 --> 00:04:48,240
Now, we might occasionally find some email that doesn't belong to this domain.

64
00:04:48,570 --> 00:04:50,190
And we saw one down here.

65
00:04:50,190 --> 00:04:52,740
I believe we just find it this one.

66
00:04:53,250 --> 00:04:57,710
It doesn't have the domain name inside of the email, but all of the others do.

67
00:04:57,990 --> 00:05:03,510
And we got at least five to 10 times more results than we managed to get with the Harvester, which

68
00:05:03,510 --> 00:05:07,340
is Kalyn Extoll, or with the free account of that IO.

69
00:05:08,310 --> 00:05:14,430
And here are all the links that it processed, so it clicked on all of these links and it tried to extract

70
00:05:14,430 --> 00:05:17,120
as much emails as it could from these links.

71
00:05:18,270 --> 00:05:18,610
Right.

72
00:05:18,900 --> 00:05:24,960
So now you have a tool that would be able to capture a lot of emails based on the specified domain.

73
00:05:25,890 --> 00:05:33,000
Just make sure that once you run the goal, you specify HTP or https before the domain name.

74
00:05:34,210 --> 00:05:40,330
OK, so this toll is now yours, feel free to use it as much as you want, and later on in the course

75
00:05:40,330 --> 00:05:43,360
we will also be coding our own python tools.

76
00:05:43,990 --> 00:05:49,930
They will not be some to advance tools, but we will be covering basics of creating our own hacking

77
00:05:49,930 --> 00:05:55,440
tools, which is something that every hacker should, at some point of their journey, learn.

78
00:05:56,200 --> 00:05:56,410
Great.

79
00:05:56,800 --> 00:06:02,650
So now that we are finished with the information gathering section, we are ready to start off with

80
00:06:02,650 --> 00:06:03,820
scanning section.

81
00:06:04,630 --> 00:06:09,850
And you might be wondering how are you going to be able to follow the scanning section and all the other

82
00:06:09,850 --> 00:06:13,900
sections since you don't really have permission to scan any Web site?

83
00:06:14,380 --> 00:06:15,040
Don't worry.

84
00:06:15,340 --> 00:06:20,950
There are a lot of very vulnerable machines and websites that we can download and practice on them,

85
00:06:21,220 --> 00:06:25,900
and we're going to be seeing how we can find them and install them inside of our virtual box.

86
00:06:26,170 --> 00:06:30,800
So we will have our own vulnerable lab where we can practice our hacking.

87
00:06:31,060 --> 00:06:34,630
So thank you for watching this section and I will see you in the next one.