theHarvester MCP Server
Integrates with Baidu search engine to harvest emails and subdomains associated with target domains.
Integrates with Brave search engine for domain reconnaissance, including email and subdomain discovery.
Integrates with DuckDuckGo search engine to discover emails and subdomains related to target domains.
Integrates with GitHub code search to find emails and subdomains in public repositories.
Integrates with SecurityScorecard to gather security-related intelligence and subdomain data.
Integrates with VirusTotal to query domain information and discover associated subdomains and emails.
An MCP (Model Context Protocol) server that provides AI assistants with access to theHarvester - a powerful OSINT reconnaissance tool for email and subdomain harvesting during penetration testing.
Overview
theHarvester is one of the most widely used OSINT tools for gathering intelligence during the reconnaissance phase of penetration testing. This MCP server wraps theHarvester's capabilities, allowing AI assistants like Claude to perform domain reconnaissance tasks through a structured interface.
The server executes theHarvester commands via SSH on a Kali Linux host, making it ideal for security professionals who maintain a dedicated Kali environment.
Features
Email Harvesting - Discover email addresses associated with target domains
Subdomain Discovery - Find subdomains using 40+ public and premium data sources
DNS Brute Force - Enumerate subdomains using wordlist-based brute forcing
Shodan Integration - Query discovered hosts for open ports, services, and banners
Takeover Detection - Check for subdomain takeover vulnerabilities
Virtual Host Discovery - Identify virtual hosts on discovered IP addresses
Installation
Prerequisites
Kali Linux Host - A Kali Linux system accessible via SSH
SSH Configuration - SSH access configured in ~/.ssh/config
theHarvester - Installed on the Kali host: sudo apt install theharvester
Node.js - Version 18 or higher
Setup
# Clone the repository
git clone https://github.com/schwarztim/sec-theharvester-mcp.git
cd sec-theharvester-mcp
# Install dependencies
npm install
# Build the project
npm run build
MCP Configuration
Add to your Claude Desktop or MCP client configuration:
{
  "mcpServers": {
    "theharvester": {
      "command": "node",
      "args": ["/path/to/sec-theharvester-mcp/dist/index.js"],
      "env": {
        "KALI_HOST": "kali"
      }
    }
  }
}
Tools
Tool | Description |
| Full OSINT search with configurable sources and options |
| List available data sources and API requirements |
| Quick search focused on email harvesting |
| Quick search for subdomain/host discovery |
| DNS brute force enumeration |
| Search with Shodan integration for detailed host info |
| Comprehensive reconnaissance using all features |
| Verify theHarvester availability on Kali host |
Data Sources
No API Key Required
anubis, baidu, bing, crtsh, dnsdumpster, duckduckgo
hackertarget, otx, rapiddns, sitedossier, subdomaincenter
threatminer, urlscan, yahoo
API Key Required
bevigil, binaryedge, brave, bufferoverun, censys
criminalip, fullhunt, github-code, hunter, hunterhow
intelx, leakix, netlas, onyphe, pentesttools
projectdiscovery, rocketreach, securityscorecard
securitytrails, shodan, tomba, virustotal, zoomeye
Configure API keys in theHarvester's configuration file on your Kali host.
Configuration
Environment Variables
Variable | Default | Description |
|
| SSH hostname for Kali Linux system |
SSH Setup
Ensure your SSH config (~/.ssh/config) includes an entry for your Kali host:
Host kali
    HostName 192.168.1.100
    User root
    IdentityFile ~/.ssh/kali_key
Usage Examples
Basic Domain Search
{
  "tool": "theharvester_search",
  "arguments": {
    "domain": "example.com",
    "sources": ["bing", "crtsh", "dnsdumpster"],
    "limit": 500
  }
}
Email Harvesting
{
  "tool": "theharvester_emails",
  "arguments": {
    "domain": "example.com",
    "sources": ["hunter", "tomba", "bing"]
  }
}
Subdomain Discovery with DNS Resolution
{
  "tool": "theharvester_hosts",
  "arguments": {
    "domain": "example.com",
    "dns_resolve": true,
    "dns_brute": true
  }
}
Full Reconnaissance
{
  "tool": "theharvester_full_recon",
  "arguments": {
    "domain": "example.com"
  }
}
Output Format
All tools return structured JSON with:
Parsed results (emails, hosts, IPs, URLs, ASNs)
Statistics and metadata
Raw output for detailed analysis
Example response:
{
  "domain": "example.com",
  "sources": ["bing", "crtsh"],
  "emails": ["admin@example.com", "support@example.com"],
  "hosts": ["www.example.com", "mail.example.com"],
  "ips": ["93.184.216.34"],
  "urls": [],
  "asns": [],
  "interesting_urls": [],
  "raw_output": "..."
}
Security Considerations
This tool is intended for authorized security testing only
Always obtain proper authorization before scanning any domain
Be mindful of rate limits on data source APIs
Some sources may log your queries
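Because the tool arguments shown under Usage Examples come from an AI assistant and end up in a theHarvester command line run over SSH on the Kali host, they are worth validating before any command is built. The following is an added example, not code from the sec-theharvester-mcp project: it checks arguments in the shape of the "Basic Domain Search" request against the source names listed on this page. The names buildHarvesterArgv, checkDomain and the maxLimit cap of 1000 are assumptions made for illustration.

```javascript
// Added example: validate MCP tool arguments before a theHarvester command is built.
// Source names are copied from the "Data Sources" lists on this page.
const SOURCES = new Set(`anubis baidu bing crtsh dnsdumpster duckduckgo hackertarget
otx rapiddns sitedossier subdomaincenter threatminer urlscan yahoo bevigil
binaryedge brave bufferoverun censys criminalip fullhunt github-code hunter
hunterhow intelx leakix netlas onyphe pentesttools projectdiscovery rocketreach
securityscorecard securitytrails shodan tomba virustotal zoomeye`.split(/\s+/));

// One DNS label: letters, digits, inner hyphens, at most 63 characters.
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/;
// ssh passes the remote command to a shell as one string, so every argument
// is restricted to characters that have no meaning to a shell.
const SAFE_ARG = /^[A-Za-z0-9.,-]+$/;

function checkDomain(value) {
  if (typeof value !== "string") throw new TypeError("domain must be a string");
  const domain = value.toLowerCase();
  const labels = domain.split(".");
  if (domain.length > 253 || labels.length < 2 || !labels.every((l) => LABEL.test(l))) {
    throw new RangeError("domain is not a plain hostname");
  }
  return domain;
}

// Hypothetical helper: returns an argv array for theHarvester, whose -d, -b and -l
// options take the domain, a comma-separated source list and the result limit.
function buildHarvesterArgv(args, maxLimit = 1000) { // maxLimit is an assumed policy cap
  const argv = ["theHarvester", "-d", checkDomain(args.domain)];
  const sources = args.sources;
  if (!Array.isArray(sources) || sources.length === 0) {
    throw new TypeError("sources must be a non-empty array");
  }
  for (const s of sources) {
    if (!SOURCES.has(s)) throw new RangeError("unknown source");
  }
  argv.push("-b", [...new Set(sources)].join(","));
  if (args.limit !== undefined) {
    if (!Number.isInteger(args.limit) || args.limit < 1 || args.limit > maxLimit) {
      throw new RangeError("limit must be an integer between 1 and " + maxLimit);
    }
    argv.push("-l", String(args.limit));
  }
  if (!argv.every((a) => SAFE_ARG.test(a))) throw new Error("unsafe argument");
  return argv;
}

// Constructed input in the shape of the "Basic Domain Search" example.
const sample = { domain: "example.com", sources: ["bing", "crtsh", "dnsdumpster"], limit: 500 };
console.log(buildHarvesterArgv(sample).join(" "));
```

Rejecting anything outside the allowlist, rather than escaping it, keeps the check independent of which shell the Kali account uses.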
Development
# Watch mode for development
npm run dev
# Build for production
npm run build
# Run the server
npm start
Related Projects
theHarvester - The underlying OSINT tool
Model Context Protocol - MCP specification
License
MIT License - see LICENSE for details.
Disclaimer
This tool is provided for educational and authorized security testing purposes only. Users are responsible for ensuring they have proper authorization before scanning any systems or domains. The authors are not responsible for any misuse of this software.