SpiderFoot – Automated Intelligence Gathering Tool.

0 0 Monday, November 9, 2015 2015-11-09T03:57:00+05:30 Edit this post

Learn about SpiderFoot, a powerful Opensource intelligence gathering tool that automates reconnaissance process and delivers actionable information.

SpiderFoot – Automated Intelligence Gathering Tool.

Introduction


SpiderFoot is an open source tool for online intelligence gathering and footprinting. It automates the task footprinting a given target like the details of IP address, domain name, hostname or network subnet etc.

Key uses of SpiderFoot – An Open Source Intelligence Automation Tool (OSINT)

  • For pen-testers- automating the entire reconnaissance stage.
  • Gathering threat intelligence -about suspicious IPs or site names caught in logs or SIEM tools.
  • For corporate security teams -what sensitive information is openly exposed to the outside world.

Features Of SpiderFoot


SpiderFoot has plenty of features, including the following:

  • Utilizes a lot of different data sources, some of them being SHODAN, RIPE, Whois, PasteBin, Google, SANS and more.
  • Designed for intelligent and maximum data extraction through various modules.
  • Cross platform support- Runs on Linux and Windows and it is open source.
  • User-friendly visualizations -Built-in JavaScript-based visualizations or export to GEXF/CSV for use in other tools with easy to use, easy to navigate web-based UI.
  • Highly configurable modular design with modules written in python so the level of intrusiveness and functionality can be defined.
  • SQLite back-end support - scan results are stored in a local SQLite database so you can play with your data to your heart's content.
  • Simultaneous scans-Each footprint scan runs as its own thread so you can perform footprinting of many different targets simultaneously.

Getting Started with SpiderFoot


Before installation make sure the following Pre-Requisites are met.

Linux/BSD/Solaris


SpiderFoot is written in Python (2.7), so to run on Linux/Solaris/FreeBSD/etc. you need Python 2.7 installed, in addition to the lxml, netaddr, M2Crypto, CherryPy and Mako modules.
To install the dependencies using PIP, run the following:
~$ pip install lxml netaddr M2Crypto cherrypy mako
Other modules such as MetaPDF, SOCKS and more are included in the SpiderFoot package, so you don't need to install them separately.

Windows

SpiderFoot for Windows is a compiled executable file, and so all dependencies are packaged with it.
No third party tools/libraries need to be installed, not even Python.

Installation

Installing SpiderFoot is literally as simple as unpacking the distribution tar.gz/zip file.

Linux/BSD/Solaris


To install SpiderFoot on Linux/Solaris/FreeBSD/etc. you only need to un-targz the package, as follows:
~$ tar zxvf spiderfoot-X.X.X-src.tar.gz
~$ cd spiderfoot-X.X.X
~/spiderfoot-X.X.X$

Windows

Unzip the distribution ZIP file and run it.

Starting SpiderFoot

Linux/BSD/Solaris

To run SpiderFoot, simply execute sf.py from the directory you extracted SpiderFoot into:
~/spiderfoot-X.X.X$ python ./sf
Once executed, a web server will be started, which by default will listen on 127.0.0.1:5001. You can then use the web-browser of your choice by browsing to http://127.0.0.1:5001.

If you wish to make SpiderFoot accessible from another system, for example running it on a server and controlling it remotely, then you can specify an external IP for SpiderFoot to bind to, or use 0.0.0.0 so that it binds to all addresses, including 127.0.0.1:
~/spiderfoot-X.X.X$ python ./sf 0.0.0.0:5001
If port 5001 is used by another application on your system, you can change the port:
~/spiderfoot-X.X.X$ python ./sf 127.0.0.1:9999

Windows

SpiderFoot for Windows comes as a pre-packaged executable, with no need to install any dependencies.
For now, there is no installer wizard, so all that's needed is to unzip the package into a directory (e.g. C:\SpiderFoot) and run sf.exe:
C:\SpiderFoot>sf.exe
As with Linux, you can also specify the IP and port to bind to:
C:\SpiderFoot>sf.exe 0.0.0.0:9999


Detailed step by instructions for installing, configuring and running a scan using SpiderFoot can be found on the documentation page http://www.spiderfoot.net/documentation/

Conclusion

SpiderFoot is a reconnaissance tool that automates the data collection process for penetration testing. It collects and analyses data from a variety of open-source intelligence sources. The tool is flexible and scalable, allowing it to be used for a variety of use cases. Its automated data collection and analysis approach can save security professionals time and streamline their testing processes.

Labels:

SHARE:

Twitter Facebook Google Pinterest

COMMENTS

BLOGGER
Name

Ad Network,3,adb,1,adblocker,1,Adblocker alternative,1,Adobe Flash Zero Day,1,Adware,1,Android,2,Android Reverse Engineering,1,Android vulnerability,3,Anonymous,1,Anonymous Browsing,2,Apple Hacking,2,Arp Poisoning,1,authentication bypass,1,Automated Tank Guage,1,Automatic Footprinting tool,1,backdoor credentials,1,BadWinmail,1,Banking trojan,1,bcmon,1,Best Adblocker,1,Best free cloud storage,1,Best Password Manager,1,Best TOR Alternative,1,Best VPN Provider,1,best VPN Rating,1,Bettercap,1,Bettercap tutorial,1,BitTorrent,1,BitTorrent Protocols,1,Browse safely,1,Car Hacking,1,Carbanak,1,CIA,1,Circuit Fingerprinting.,2,cleartext cloud API,1,CloudFlare,2,Cobalt Strike,1,Covert Pentesting,1,Cracking Encryption,1,Cracking HTTPS,1,crapware,1,Credential Stealing,1,Credentials Sniffing,1,CreeHack,1,CryptDB,1,cryptography,2,cSploit,1,CSRF,1,custom recovery,1,Cydia,1,cygwin,1,Cypher System,1,Data Breach,1,Data Exfiltration,1,DDoS,2,DDoS Attack,3,Decrypting Tor traffic,1,Deep Web,1,DEF CON 23,2,disk encryption,1,DLL Injection Attacks,1,Dnstool,1,download torrents directly,2,DrDoS,1,DriveDroid,1,DuckHunter HID,1,Elevation Of Privilege,1,encryption,2,Ettercap,1,Exitmap,1,Exploitation,2,Fanny Worm,1,Financial APT,1,Flash Alternative,1,Forgot Windows Password.,1,fraud,1,Free Cloud Storage,1,Free LastPass Premium,1,Free Uptobox Premium Account,1,Free VPN,1,Free Zbigz Premium Account,2,Freedom App,1,GasPot,1,GitHub,1,Giveaways,4,Hack Android,3,Hack Android Games,2,Hack Android In-App Purchase Non Root,1,Hack Cave,18,Hack Clash Of Clans,1,Hack Email,1,Hack Outlook,1,Hack Subway Surfer,1,Hack WiFi Android Without bcmon,1,Hack Windows 10,1,hacking android,6,hacking android pattern lock,1,Hacking Android PIN,1,Hacking Android Through Sound Waves,1,Hacking Cloudflare,1,Hacking CryptDB,1,Hacking electronics,1,Hacking embedded systems,1,Hacking Fridge,1,Hacking Gmail,1,Hacking IoT,1,Hacking KeePass,1,Hacking News,3,Hacking PayPal,1,Hacking Refrigerator,1,Hacking Team,1,Hacking tools,3,Hacking Tricks Android,5,Hacking WiFi With Android,3,Hacking Windows,4,Hacking Windows Password,1,HardSploit,1,HID Attack,1,Homomorphic Encryption,1,Honeypot,1,HORNET,3,How to hack baby monitors,1,How to hack gmail?,1,How to hack IoTs,1,How to hack MAC OS X,1,How To Hack WhatsApp,1,how to install kali nethunter on any android device,1,How Tor Works,1,HTML5,1,ICS,1,Immobilizer,1,Increase Download Speed,1,Information Gathering,1,Install NetHunter,1,Install NetHunter for any Device,1,Internet Of Things,1,Internet Privacy,2,Introduction To Penetration Testing,1,iOS 9,2,iOS hacked,1,IoT,3,IoT Security Audit Tool,1,Jailbreaking,1,Kali Linux,2,kali linux nethunter for android,1,Kali NetHunter,4,Kali NetHunter Nexus 5x,1,Kali NetHunter Sony,1,kali nethunter windows installer,1,KeeFarce,1,Kemoge,1,LastPass Premium Giveaway,1,LastPass Premium Subscription 2016,1,lenavo,1,LinkedIn,1,Lizard Squad,1,Lizard Stressor,1,LSE,1,Mabouia,1,Mac OS X Hacking,1,Malicious JavaScript,1,Malware,4,Man In The Middle Attack,4,MANA Wireless Toolkit,1,Megamos Crypto Transponder,1,MITM,5,Mount Manager Bug,1,Mozilla Firefox,1,MSOffice,1,Netflix,2,Netflix Stethoscope tool,1,NetHunter Devices,1,nethunter install guide,1,NetHunter Nexus 5x,1,NetHunter Tutorial Nexus 5x,1,nethunter tutorial pdf,1,Nord VPN,1,nsISpeculativeConnect,1,NTP Vulnerability,1,Offensive Security,1,Office Exploit,1,OLE,1,Onion Encryption,1,Onion Routing,1,Outlook Exploit,1,Overt,1,Penetration Testing,1,Penetration Testing Tutorial,1,Penetration Testing With KaliLinux,1,Penetration Testing With Metasploit,1,Pentest Report,1,Phases Of PenTesting,1,Phishing,1,PINlogger,1,Post Exploitation,1,PowerMemory,1,PowerShell,1,pre-fetch,1,Prevent In-App purchase hacks,1,privilege escalation,2,Python,1,Quantum Cryptographic Communication,1,quantum physics,1,ransomware,2,read forbes with adblock,1,read toi with adblock,1,Reaver,1,Reflected File Download Vulnerability,1,Reflective,1,Reflective DDoS Attack,1,Remote Code Execution,2,Remote exploit,2,remove ads toi,1,RfA,1,RFD,1,RFID,1,RIFFLE Tor Alternative,1,RIPv1 Protocol,1,Root Nexus 5x,1,Rooting,2,Rootkit,1,Router Keygen,1,SCADA,1,SEA,1,Searchsploit,1,Security News,40,Security Tools,4,Shodan,1,SilverPush,1,Sleepy Puppy,1,Smartphone Sensor hack,1,Smartphones,4,Smartphones hacking,1,soft and hard brick,1,speculative connect API,1,SpiderFoot,1,Sponsored,1,StageFright,2,StageFright 2.0,1,stethoscope tool implimentation,1,Stored XSS,2,StuxNet,1,Superfish,1,surveillance,1,Task hijacking Attack,1,TCP injection.,1,The Basics Of Penetration Testing,1,The Hacking Team,1,Threat Modeling,1,Tor,3,TOR Alternative,4,Tor Exit Relay,1,Tor Guard,1,Tor Hacked,3,torrent to direct converter,2,torrent to IDM,1,tow factor authentication,1,Trend Micro,1,Tutorial,7,TWRP,1,TWRP Nexus 5x,1,Types Of Pentest,1,Types Of XSS Vulnerability,1,uBlock,1,Unlock Bootloader guide,1,Unlock Bootloader Nexus 5x,1,unlock pattern lock android,2,User Focused security,1,VPN Reviews,1,Vulnerability,3,Vulnerability Analysis,1,Vulnerability scanners,1,What is Kali NetHunter,1,WhatsApp Encryption,1,WhatsApp Hacking,1,Whatsapp phishing,1,WhatsApp Vulnerability.,1,WikiLeaks,1,Windows Backdoor,1,Windows Debuggers,1,XcodeGhost,1,Xss,3,XSS Scanner,1,XTEA,1,Zbigz cookie generator,1,Zbigz premium account no survey,1,Zimperium,1,
ltr
item
Hack Cave | Hacks unveiled: SpiderFoot – Automated Intelligence Gathering Tool.
SpiderFoot – Automated Intelligence Gathering Tool.
Learn about SpiderFoot, a powerful Opensource intelligence gathering tool that automates reconnaissance process and delivers actionable information.
https://3.bp.blogspot.com/-Ql-W4L61Goc/Vj_LDVdsSpI/AAAAAAAAAxI/7HbDztYeWos/w640-h360/sf-725352.jpg
https://3.bp.blogspot.com/-Ql-W4L61Goc/Vj_LDVdsSpI/AAAAAAAAAxI/7HbDztYeWos/s72-w640-c-h360/sf-725352.jpg
Hack Cave | Hacks unveiled
http://www.hackcave.net/2015/11/spiderfoot-automated-intelligence.html
http://www.hackcave.net/
http://www.hackcave.net/
http://www.hackcave.net/2015/11/spiderfoot-automated-intelligence.html
true
398744729202641828
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content