1. What theHarvester Solves for Defenders
theHarvester is an OSINT collection tool used by defenders to understand externally visible email, domain, and infrastructure exposure from public sources.
theHarvester fits the "OSINT email/domain discovery" role in this course. Treat it as one tool in a workflow, not as a complete answer by itself. The key question is what decision quality it improves for a defender.
Before using theHarvester, define the operational question first (triage, validation, exposure review, monitoring, forensics, or documentation). Tool selection should follow the question, not the other way around.