![]() Search for potential Azure blobs associated with the target and attempt to list their contents. Queries ARIN registry for contact information. Identifies historic versions of interesting files/pages from the Wayback Machine. Search for potential Amazon S3 buckets associated with the target and attempt to list their contents. Obtain information from AlienVault Open Threat Exchange (OTX) Search Tor 'Ahmia' search engine for mentions of the target.Ĭheck if an IP or netblock is malicious according to the AlienVault IP Reputation database. Look for possible associated accounts on over 500 social and other websites such as Instagram, Reddit, etc.Ĭheck if linked pages would be blocked by AdBlock Plus.Ĭheck if a host would be blocked by AdGuard DNS. Look up domain, phone and IP address information from AbstractAPI.Ĭheck if a host/domain, IP address or netblock is malicious according to Abuse.ch.Ĭheck if an IP address is malicious according to blacklist.Ĭheck if a netblock or IP address is in the Abusix Mail Intelligence blacklist. SpiderFoot has over 200 modules, most of which don't require API keys, and many of those that do require API keys have a free tier. The existing 37 rules are also quite readable and good as starting points for additional rules. We have a comprehensive write-up and reference of the correlation rule-set introduced in SpiderFoot 4.0 here.Īlso take a look at the template.yaml file for a walk through. Whether you're a contributor, user or just curious about SpiderFoot and OSINT in general, we'd love to have you join our community! SpiderFoot now has a Discord server for seeking help from the community, requesting features or just general OSINT chit-chat. ![]() Stable build (packaged release):Ĭheck out the documentation and our asciinema videos for more tutorials. We recommend you install a packaged release since master will often have bleeding edge features and modules that aren't fully tested. To install and run SpiderFoot, you need at least Python 3.7 and a number of Python libraries which you can install with pip. ![]() Image, document and binary file meta data analysis.S3/Azure/Digitalocean bucket enumeration/scraping. ![]() API integration with SHODAN, HaveIBeenPwned, GreyNoise, AlienVault, SecurityTrails, etc.Threat intelligence and Blacklist queries.Check for susceptibility to sub-domain hijacking.Bitcoin and Ethereum address extraction.Email address, phone number and human name extraction.Host/sub-domain/TLD enumeration/extraction.SpiderFoot's 200+ modules feed each other in a publisher/subscriber model to ensure maximum data extraction to do things like: You can target the following entities in a SpiderFoot scan: in a red team exercise or penetration test) for reconnaissance of your target or defensively to gather information about what you or your organisation might have exposed over the Internet. ![]() See the full set of differences between SpiderFoot HX and the open source version here.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |