SpiderFoot – Automate OSINT Framework in Kali Linux

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilizes a range of methods for data analysis, making that data easy to navigate.

SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It’s written in Python 3 and GPL-licensed.

Uses of Spiderfoot:

    Spiderfoot is used for reconnaissance.

    Spiderfoot is used for information gathering.

    Spiderfoot is working as a scanner for active and passive scanning on target.

    Spiderfoot can be used for domain foot printing.

    Spiderfoot can be used to find the phone numbers, email addresses of the target.

    Spiderfoot can be used to find bitcoin addresses.

    Spiderfoot can be used to save all the information gathering summary.

    Spiderfoot can be used to create graphs of scanning done by Spiderfoot.

Spiderfoot can be used to automate GitHub all the information gathering processes.

Spiderfoot used to be a separate application, but now it comes pre-installed in Kali Linux, there is no need to download the package and install it on your machine.

Start Spiderfoot by typing “spiderfoot -l 127.0.0.1:5001”

Then in your browser navigate to the address 127.0.0.1:5001

You can scan for Domain Name – IPv4 or IPv6 -Hostname -Subnet – Email Address – Human Name and Username.

After you run the scan you are presented by some results into tabs, the first tab is the Status:

In this scan we have some stats like the “Unique” and the “Errors” we can see below what we have found so far, we have some internal and external links and phone numbers.

The next tab is “Browse” where the results are divided into elements:

We have got some Usernames and also Human Names.

The third tab is for the “Graph” as all elements are shown as dots where you can click each one to get more information.

The last tab is for the “Logs” and it’s very informative:

We got some information about the usernames we found and it’s being used in external web sites like Facebook and eBay.

If you want more results you can tweak the settings for your scan and you will have different results every time.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s