SpiderFoot is an open source tool for online intelligence gathering and footprinting. It automates the task footprinting a given target like the details of IP address, domain name, hostname or network subnet etc.
Key uses of SpiderFoot – An Open Source Intelligence Automation Tool (OSINT)
1)For pen-testers- automating the entire reconnaissance stage.
2)Gathering threat intelligence -about suspicious IPs or site names caught in logs or SIEM tools.
3)For corporate security teams -what sensitive information is openly exposed to the outside world.
Features Of SpiderFoot
SpiderFoot has plenty of features, including the following:
- Utilizes a lot of different data sources, some of them being SHODAN, RIPE, Whois, PasteBin, Google, SANS and more.
- Designed for intelligent and maximum data extraction through various modules.
- Cross platform support- Runs on Linux and Windows and it is open source.
- Highly configurable modular design with modules written in python so the level of intrusiveness and functionality can be defined.
- SQLite back-end support - scan results are stored in a local SQLite database so you can play with your data to your heart's content.
- Simultaneous scans-Each footprint scan runs as its own thread so you can perform footprinting of many different targets simultaneously.
Getting Started with SpiderFoot
Before installation make sure the following Pre-Requisites are met.
SpiderFoot is written in Python (2.7), so to run on Linux/Solaris/FreeBSD/etc. you need Python 2.7 installed, in addition to the lxml, netaddr, M2Crypto, CherryPy and Mako modules.
To install the dependencies using PIP, run the following:
~$ pip install lxml netaddr M2Crypto cherrypy mako
Other modules such as MetaPDF, SOCKS and more are included in the SpiderFoot package, so you don't need to install them separately.
SpiderFoot for Windows is a compiled executable file, and so all dependencies are packaged with it.
No third party tools/libraries need to be installed, not even Python.
Installing SpiderFoot is literally as simple as unpacking the distribution tar.gz/zip file.
To install SpiderFoot on Linux/Solaris/FreeBSD/etc. you only need to un-targz the package, as follows:
~$ tar zxvf spiderfoot-X.X.X-src.tar.gz
~$ cd spiderfoot-X.X.X
Unzip the distribution ZIP file and run it.
To run SpiderFoot, simply execute sf.py from the directory you extracted SpiderFoot into:
~/spiderfoot-X.X.X$ python ./sf
Once executed, a web server will be started, which by default will listen on 127.0.0.1:5001. You can then use the web-browser of your choice by browsing to http://127.0.0.1:5001.
If you wish to make SpiderFoot accessible from another system, for example running it on a server and controlling it remotely, then you can specify an external IP for SpiderFoot to bind to, or use 0.0.0.0 so that it binds to all addresses, including 127.0.0.1:
~/spiderfoot-X.X.X$ python ./sf 0.0.0.0:5001
If port 5001 is used by another application on your system, you can change the port:
~/spiderfoot-X.X.X$ python ./sf 127.0.0.1:9999
SpiderFoot for Windows comes as a pre-packaged executable, with no need to install any dependencies.
For now, there is no installer wizard, so all that's needed is to unzip the package into a directory (e.g. C:\SpiderFoot) and run sf.exe:
As with Linux, you can also specify the IP and port to bind to:
Detailed step by instructions for installing, configuring and running a scan using SpiderFoot can be found on the documentation page http://www.spiderfoot.net/documentation/