SpiderFoot
OSINT and Information Gathering Tool
Introduction
SpiderFoot is an automated open-source intelligence (OSINT) tool that collects and analyzes data from diverse sources for security research, threat intelligence, and cyber investigations. It simplifies reconnaissance by aggregating information about domains, IPs, email addresses, and more.
Features
- Automated OSINT: Scans domains, IPs, email addresses, and usernames across 100+ data sources.
- Modular Design: Enable/disable specific modules (e.g., DNS, WHOIS, breach data).
- Web Interface: Visualize findings in real-time with an interactive dashboard.
- API Integration: Supports VirusTotal, Hunter.io, and other third-party services (API keys required).
- Export Options: Save results in CSV, JSON, XML, or GEXF formats.
Installation
- Open a terminal.
- Install SpiderFoot using:
sudo pacman -S spiderfoot
Install Verification
Check the version to confirm installation:
spiderfoot --version
Uninstall
sudo pacman -R spiderfoot
Usage
Start the Web Interface
spiderfoot -l 127.0.0.1:5001
Access the dashboard at:
http://127.0.0.1:5001
Run a Scan via CLI
spiderfoot -m all -t example.com
Export Scan Results
spiderfoot -m all -t example.com --csv results.csv
Example Workflows
Investigate a Domain
- Start the web interface:
spiderfoot -l 127.0.0.1:5001 - Enter
example.comin the web UI and run a scan.
Check for Breached Emails
spiderfoot -m breach -t user@example.com
Scan an IP Address
spiderfoot -m all -t 8.8.8.8
Configuration
- API Keys:
- Add API keys (e.g., VirusTotal, Shodan) in the web UI under Settings to enhance data collection.
- Manual Configuration:
Edit the config file:nano ~/.spiderfoot/config.cfg
Official Documentation & More Info
Contributing
- Contribute modules or report issues via GitHub.
- Follow the contribution guidelines.
Support
- Join the SpiderFoot Discord for community support.
- Check the GitHub Wiki for troubleshooting.
License
SpiderFoot is released under the MIT License.