spiderfoot v3.4 releases: the open source footprinting & intelligence-gathering tool
SpiderFoot is an open-source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, or network subnet.
SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organization is freely providing for attackers to use against you.
Read more at the project website.
- Utilises a shedload of data sources; over 50 so far and counting, including SHODAN, RIPE, Whois, PasteBin, Google, SANS, and more.
- Designed for maximum data extraction; every piece of data is passed on to modules that may be interested so that they can extract valuable information. No piece of discovered data is saved from the analysis.
- Runs on Linux and Windows. And fully open-source so you can fork it on GitHub and do whatever you want with it.
- Web-based UI and CLI. Choose between a GUI that is easy to use and a powerful command-line interface. Take a look through the gallery for screenshots of the GUI and the collection of CLI videos on asiinema.org.
- Highly configurable. Almost every module is configurable so you can define the level of intrusiveness and functionality.
- Modular. Each major piece of functionality is a module, written in Python. Feel free to write your own and submit them to be incorporated!
- SQLite backend. All scan results are stored in a local SQLite database, so you can play with your data to your heart’s content.
- Simultaneous scans. Each footprint scan runs as its own thread, so you can perform footprinting of many different targets simultaneously.
- So much more.. check out the documentation for more information.
- Dark mode. Eliminate eye strain with the flick of a switch:
- Threaded scanning architecture. SpiderFoot’s pub/sub model benefits hugely from parallelization, so you’ll notice a significant (10x or more) performance increase on large scans particularly on beefy machines.
- 14 new modules.
- Module updates to HaveIBeenPwned to look up phone numbers and collect paste information
- Spyse module updated to use v4 of their API, returning significantly more data
- AlienVault module updated to return URLs and bug fix to return co-hosted sites
- Dropped stale modules for badips.com and watchguard.
- Dropped support for Python < 3.7.
- A significant number of bug fixes and data quality improvements across the core, unit tests and modules.
Copyright (C) smicallef