{
  "openapi": "3.0.1",
  "info": {
    "title": "Email & Subdomain Finder - theHarvester OSINT | 54 Sources",
    "description": "Cloud-hosted theHarvester OSINT tool. Harvest emails, subdomains, IPs, URLs and ASNs from 54+ public sources (Shodan, Censys, crt.sh, VirusTotal, SecurityTrails, GitHub, hunter.io). Full CLI feature parity — DNS brute force, subdomain takeover, screenshots. $0.003 per record harvested.",
    "version": "1.1",
    "x-build-id": "dU3zWlQimWhe4U1eF"
  },
  "servers": [
    {
      "url": "https://api.apify.com/v2"
    }
  ],
  "paths": {
    "/acts/anshumanatrey~theharvester-osint/run-sync-get-dataset-items": {
      "post": {
        "operationId": "run-sync-get-dataset-items-anshumanatrey-theharvester-osint",
        "x-openai-isConsequential": false,
        "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
        "tags": [
          "Run Actor"
        ],
        "requestBody": {
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "$ref": "#/components/schemas/inputSchema"
              }
            }
          }
        },
        "parameters": [
          {
            "name": "token",
            "in": "query",
            "required": true,
            "schema": {
              "type": "string"
            },
            "description": "Enter your Apify token here"
          }
        ],
        "responses": {
          "200": {
            "description": "OK"
          }
        }
      }
    },
    "/acts/anshumanatrey~theharvester-osint/runs": {
      "post": {
        "operationId": "runs-sync-anshumanatrey-theharvester-osint",
        "x-openai-isConsequential": false,
        "summary": "Executes an Actor and returns information about the initiated run in response.",
        "tags": [
          "Run Actor"
        ],
        "requestBody": {
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "$ref": "#/components/schemas/inputSchema"
              }
            }
          }
        },
        "parameters": [
          {
            "name": "token",
            "in": "query",
            "required": true,
            "schema": {
              "type": "string"
            },
            "description": "Enter your Apify token here"
          }
        ],
        "responses": {
          "200": {
            "description": "OK",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/runsResponseSchema"
                }
              }
            }
          }
        }
      }
    },
    "/acts/anshumanatrey~theharvester-osint/run-sync": {
      "post": {
        "operationId": "run-sync-anshumanatrey-theharvester-osint",
        "x-openai-isConsequential": false,
        "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
        "tags": [
          "Run Actor"
        ],
        "requestBody": {
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "$ref": "#/components/schemas/inputSchema"
              }
            }
          }
        },
        "parameters": [
          {
            "name": "token",
            "in": "query",
            "required": true,
            "schema": {
              "type": "string"
            },
            "description": "Enter your Apify token here"
          }
        ],
        "responses": {
          "200": {
            "description": "OK"
          }
        }
      }
    }
  },
  "components": {
    "schemas": {
      "inputSchema": {
        "type": "object",
        "required": [
          "domain"
        ],
        "properties": {
          "domain": {
            "title": "Domain",
            "type": "string",
            "description": "The domain to investigate, for example itm.edu or github.com. Enter just the domain - we auto-clean full links, so https://www.itm.edu/ becomes itm.edu, and you can also enter an IP address. We then harvest its emails, subdomains, IPs, URLs and ASNs from public sources."
          },
          "sources": {
            "title": "Sources to search",
            "minItems": 1,
            "uniqueItems": true,
            "type": "array",
            "description": "Which sources to search. The four defaults (crt.sh, HackerTarget, RapidDNS, CertSpotter) are free and need no API key. Sources marked with a key icon need an API key, which you add in the API keys section below. Sources marked with a tick are free.",
            "items": {
              "type": "string",
              "enum": [
                "crtsh",
                "hackertarget",
                "rapiddns",
                "certspotter",
                "otx",
                "urlscan",
                "threatcrowd",
                "dnsdumpster",
                "duckduckgo",
                "baidu",
                "yahoo",
                "mojeek",
                "brave",
                "commoncrawl",
                "waybackarchive",
                "robtex",
                "subdomaincenter",
                "hudsonrock",
                "thc",
                "shodan",
                "censys",
                "virustotal",
                "securityTrails",
                "hunter",
                "hunterhow",
                "intelx",
                "fullhunt",
                "netlas",
                "leakix",
                "leaklookup",
                "zoomeye",
                "criminalip",
                "dehashed",
                "fofa",
                "github-code",
                "gitlab",
                "bitbucket",
                "bevigil",
                "builtwith",
                "chaos",
                "projectdiscovery",
                "onyphe",
                "pentesttools",
                "rocketreach",
                "securityscorecard",
                "subdomainfinderc99",
                "tomba",
                "venacus",
                "whoisxml",
                "windvane",
                "dymo",
                "haveibeenpwned",
                "bufferoverun",
                "shodanInternetDB"
              ],
              "enumTitles": [
                "crt.sh ✓ (TLS cert transparency)",
                "HackerTarget ✓",
                "RapidDNS ✓",
                "CertSpotter ✓",
                "AlienVault OTX ✓",
                "URLScan ✓",
                "ThreatCrowd ✓",
                "DNSdumpster ✓",
                "DuckDuckGo ✓",
                "Baidu ✓",
                "Yahoo ✓",
                "Mojeek ✓",
                "Brave Search ✓",
                "CommonCrawl ✓",
                "Wayback Archive ✓",
                "Robtex ✓",
                "SubdomainCenter ✓",
                "HudsonRock ✓",
                "THC ✓",
                "Shodan 🔑",
                "Censys 🔑",
                "VirusTotal 🔑",
                "SecurityTrails 🔑",
                "Hunter.io 🔑",
                "HunterHow 🔑",
                "IntelX 🔑",
                "FullHunt 🔑",
                "Netlas 🔑",
                "LeakIX 🔑",
                "LeakLookup 🔑",
                "ZoomEye 🔑",
                "CriminalIP 🔑",
                "Dehashed 🔑",
                "FOFA 🔑",
                "GitHub Code 🔑",
                "GitLab 🔑",
                "Bitbucket 🔑",
                "BeVigil 🔑",
                "BuiltWith 🔑",
                "ProjectDiscovery Chaos 🔑",
                "ProjectDiscovery 🔑",
                "Onyphe 🔑",
                "PentestTools 🔑",
                "RocketReach 🔑",
                "SecurityScorecard 🔑",
                "SubdomainFinder C99 🔑",
                "Tomba 🔑",
                "Venacus 🔑",
                "WhoisXML 🔑",
                "Windvane 🔑",
                "Dymo 🔑",
                "HaveIBeenPwned 🔑",
                "BufferOverun 🔑",
                "Shodan InternetDB 🔑"
              ]
            },
            "default": [
              "crtsh",
              "hackertarget",
              "rapiddns",
              "certspotter"
            ]
          },
          "limit": {
            "title": "Results per source",
            "minimum": 1,
            "maximum": 10000,
            "type": "integer",
            "description": "Maximum number of results to pull from each source. Default 500. Lower it for faster, cheaper runs; raise it for deeper coverage.",
            "default": 500
          },
          "start": {
            "title": "Skip first N results",
            "minimum": 0,
            "type": "integer",
            "description": "Skip the first N results from each source. Used for paging through very large result sets. Leave at 0 for normal runs.",
            "default": 0
          },
          "timeout": {
            "title": "Time limit (seconds)",
            "minimum": 60,
            "maximum": 3600,
            "type": "integer",
            "description": "Stop the scan after this many seconds and return whatever was found by then. Default 1800 (30 minutes). Raise it for very large domains.",
            "default": 1800
          },
          "dnsLookup": {
            "title": "Resolve subdomains to IPs",
            "type": "boolean",
            "description": "Resolve each discovered subdomain to its IP address. Slower, but adds the IP next to every subdomain.",
            "default": false
          },
          "dnsBrute": {
            "title": "Find hidden subdomains",
            "type": "boolean",
            "description": "Find hidden subdomains by trying a list of common names like mail, dev, vpn and staging. Slower, but uncovers subdomains that are not in public records.",
            "default": false
          },
          "dnsResolve": {
            "title": "Custom resolver list (path)",
            "type": "string",
            "description": "Path to your own list of DNS resolvers, for advanced users. Leave empty to use the built-in defaults."
          },
          "dnsServer": {
            "title": "Custom DNS server",
            "type": "string",
            "description": "Use a specific DNS server for lookups, for example 8.8.8.8. Leave empty to use the defaults."
          },
          "shodan": {
            "title": "Enrich hosts with Shodan",
            "type": "boolean",
            "description": "Enrich the discovered hosts with extra data from Shodan. Needs a Shodan API key in the API keys section below.",
            "default": false
          },
          "takeOver": {
            "title": "Check for subdomain takeover",
            "type": "boolean",
            "description": "Check the discovered subdomains for takeover risk - subdomains whose DNS still points at an unclaimed third-party service that someone else could claim.",
            "default": false
          },
          "screenshot": {
            "title": "Screenshot each subdomain",
            "type": "boolean",
            "description": "Take a screenshot of each discovered subdomain's home page. Screenshots are saved to the run's storage.",
            "default": false
          },
          "apiScan": {
            "title": "Scan for exposed API endpoints",
            "type": "boolean",
            "description": "Look for exposed or undocumented API endpoints on the domain. Works best together with a wordlist.",
            "default": false
          },
          "wordlist": {
            "title": "Wordlist (path)",
            "type": "string",
            "description": "Path to a wordlist used by the API endpoint scan. On Apify cloud, only wordlists already built into the image can be used."
          },
          "useProxies": {
            "title": "Route through proxies",
            "type": "boolean",
            "description": "Route requests through proxies. Needs a proxy list configured in the image, so most users leave this off.",
            "default": false
          },
          "quiet": {
            "title": "Hide missing-key warnings",
            "type": "boolean",
            "description": "Hide the missing API key warnings in the run log. On by default to keep the log clean.",
            "default": true
          },
          "shodanApiKey": {
            "title": "Shodan API key",
            "type": "string",
            "description": "Your Shodan API key from shodan.io. Only needed if you select the Shodan source. Leave blank otherwise."
          },
          "censysApiId": {
            "title": "Censys API ID",
            "type": "string",
            "description": "Your Censys API ID from censys.io. Pairs with the Censys API secret below."
          },
          "censysApiSecret": {
            "title": "Censys API secret",
            "type": "string",
            "description": "Your Censys API secret from censys.io."
          },
          "securitytrailsApiKey": {
            "title": "SecurityTrails API key",
            "type": "string",
            "description": "Your SecurityTrails API key from securitytrails.com. Adds strong subdomain coverage."
          },
          "hunterApiKey": {
            "title": "Hunter.io API key",
            "type": "string",
            "description": "Your Hunter.io API key from hunter.io. Adds email discovery."
          },
          "virustotalApiKey": {
            "title": "VirusTotal API key",
            "type": "string",
            "description": "Your VirusTotal API key from virustotal.com."
          },
          "githubToken": {
            "title": "GitHub token",
            "type": "string",
            "description": "Your GitHub personal access token. Needed to search public code on GitHub for mentions of the domain."
          },
          "braveApiKey": {
            "title": "Brave Search API key",
            "type": "string",
            "description": "Your Brave Search API key from brave.com/search/api. A free tier is available."
          },
          "extraApiKeys": {
            "title": "More API keys (advanced)",
            "type": "object",
            "description": "Keys for the other 30+ premium sources, as one JSON object. Use each provider's field name as the key, for example: {\"netlasApiKey\": \"...\", \"fofaKey\": \"...\", \"fofaEmail\": \"you@example.com\", \"intelxApiKey\": \"...\"}. Only needed for premium sources you selected that are not listed above. Supported names: hunterhowApiKey, intelxApiKey, onypheApiKey, fullhuntApiKey, netlasApiKey, leakixApiKey, leaklookupApiKey, zoomeyeApiKey, bevigilApiKey, bitbucketApiKey, bufferoverunApiKey, builtwithApiKey, chaosApiKey, criminalipApiKey, dehashedApiKey, dnsdumpsterApiKey, dymoApiKey, fofaKey, fofaEmail, hackertargetApiKey, hibpApiKey, mojeekApiKey, pentesttoolsApiKey, projectdiscoveryApiKey, rocketreachApiKey, securityscorecardApiKey, subdomainfinderc99ApiKey, tombaKey, tombaSecret, venacusApiKey, whoisxmlApiKey, windvaneApiKey."
          }
        }
      },
      "runsResponseSchema": {
        "type": "object",
        "properties": {
          "data": {
            "type": "object",
            "properties": {
              "id": {
                "type": "string"
              },
              "actId": {
                "type": "string"
              },
              "userId": {
                "type": "string"
              },
              "startedAt": {
                "type": "string",
                "format": "date-time",
                "example": "2025-01-08T00:00:00.000Z"
              },
              "finishedAt": {
                "type": "string",
                "format": "date-time",
                "example": "2025-01-08T00:00:00.000Z"
              },
              "status": {
                "type": "string",
                "example": "READY"
              },
              "meta": {
                "type": "object",
                "properties": {
                  "origin": {
                    "type": "string",
                    "example": "API"
                  },
                  "userAgent": {
                    "type": "string"
                  }
                }
              },
              "stats": {
                "type": "object",
                "properties": {
                  "inputBodyLen": {
                    "type": "integer",
                    "example": 2000
                  },
                  "rebootCount": {
                    "type": "integer",
                    "example": 0
                  },
                  "restartCount": {
                    "type": "integer",
                    "example": 0
                  },
                  "resurrectCount": {
                    "type": "integer",
                    "example": 0
                  },
                  "computeUnits": {
                    "type": "integer",
                    "example": 0
                  }
                }
              },
              "options": {
                "type": "object",
                "properties": {
                  "build": {
                    "type": "string",
                    "example": "latest"
                  },
                  "timeoutSecs": {
                    "type": "integer",
                    "example": 300
                  },
                  "memoryMbytes": {
                    "type": "integer",
                    "example": 1024
                  },
                  "diskMbytes": {
                    "type": "integer",
                    "example": 2048
                  }
                }
              },
              "buildId": {
                "type": "string"
              },
              "defaultKeyValueStoreId": {
                "type": "string"
              },
              "defaultDatasetId": {
                "type": "string"
              },
              "defaultRequestQueueId": {
                "type": "string"
              },
              "buildNumber": {
                "type": "string",
                "example": "1.0.0"
              },
              "containerUrl": {
                "type": "string"
              },
              "usage": {
                "type": "object",
                "properties": {
                  "ACTOR_COMPUTE_UNITS": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATASET_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATASET_WRITES": {
                    "type": "integer",
                    "example": 0
                  },
                  "KEY_VALUE_STORE_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "KEY_VALUE_STORE_WRITES": {
                    "type": "integer",
                    "example": 1
                  },
                  "KEY_VALUE_STORE_LISTS": {
                    "type": "integer",
                    "example": 0
                  },
                  "REQUEST_QUEUE_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "REQUEST_QUEUE_WRITES": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATA_TRANSFER_INTERNAL_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATA_TRANSFER_EXTERNAL_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "PROXY_SERPS": {
                    "type": "integer",
                    "example": 0
                  }
                }
              },
              "usageTotalUsd": {
                "type": "number",
                "example": 0.00005
              },
              "usageUsd": {
                "type": "object",
                "properties": {
                  "ACTOR_COMPUTE_UNITS": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATASET_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATASET_WRITES": {
                    "type": "integer",
                    "example": 0
                  },
                  "KEY_VALUE_STORE_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "KEY_VALUE_STORE_WRITES": {
                    "type": "number",
                    "example": 0.00005
                  },
                  "KEY_VALUE_STORE_LISTS": {
                    "type": "integer",
                    "example": 0
                  },
                  "REQUEST_QUEUE_READS": {
                    "type": "integer",
                    "example": 0
                  },
                  "REQUEST_QUEUE_WRITES": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATA_TRANSFER_INTERNAL_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "DATA_TRANSFER_EXTERNAL_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                    "type": "integer",
                    "example": 0
                  },
                  "PROXY_SERPS": {
                    "type": "integer",
                    "example": 0
                  }
                }
              }
            }
          }
        }
      }
    }
  }
}