SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet.
SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you.
But before we get to that stuff we need to install it. I will be installing this in a Ubuntu box I have on my ESXi Server. Firstly you’ll want to install pip and git.
sudo apt-get install pip git
and some dependencies that SpiderFoot needs.
sudo pip install netaddr sudo pip install M2Crypto sudo pip install cherrypy sudo pip install mako sudo pip install dnspython
Once you have that done, you’ll want to download SpiderFoot from Github
git clone https://github.com/smicallef/spiderfoot.git
go to the folder you just downloaded it to and simply run ./sf.py
If you are accessing from the same system that’s all you need to do, if you want to access from another system, use nano and edit sf.py and change the server ip.
Now we have the system up and running we can do some information gathering.
I have chosen a domain that I own. I chose to do a full scan and let me tell you, this take hours to complete. So set it to run go and watch Game Of Thrones of something and come back later.
You can sort the results by number of Data Elements or you can use an interactive graph.
There is too much information discovered to list it all here, but this tool will find loads of stuff about your target and can be used later on. Have fun. Hope this helps you out.
Now I have to remind you, to scan only what you are allowed to scan, be responsible. If you can do that, then don’t get caught otherwise it’s your own fault 🙂