Hey Folks, , in this tutorial we are going to introduce an OSINT tool called “Spiderfoot” which is capable of doing almost all the work as per your need. SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate. SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but we can also control it through the command line.

Let’s take a look 😛 !!

Installation

We will use the wget command to download this tool. After the download is complete we will unzip it using the “tar” utility.

Install Python

Now we need to install python tools in our system with some other dependencies.

Right 😛 !! After that we need to go into the directory of this tool and install the remaining dependencies using the pip command.

It is time to boot the server using the following command.

Good 😛 !! Everything is done and now you need to open the following URL on your browser. Once you open this URL, you will get the interface of this tool as shown in the image below.

By default, it already has lots of sources to get information but if you want to do footprinting on other sites too, you can add their API keys.

In the scans section of this tool, you can see all the previous and running scans.

Domain Footprinting

Just enter any scan name according to you and then enter the name of website whose details you want to get.

We want to get anything and everything about the target, so we will select the first option and click “Run Scan Now“.

Nice 😛 !! It is truly one of the best OSINT tools as it provides the details that no any other tool can provide us. After executing the scan you can get the details by going inside it one by one.

Account on External Site

Usually sometimes people or company’s create their account on other social media websites with the same username which it easily dumps.

Domains

Also if any sub domains is available then it will show you.

DNS Records

There are many online services available from where we can get DNS records of any website but you can also see it through this tool.

Good 😛 !! Not only that because it gives us many more information about the target.

Number OSINT

If you want to get anything about a particular mobile number then you can use this tool. All you have to do is enter the mobile number.

BOOM 😛 !! As you can see it extracts details such as country name, telecommunication provider etc.

Email OSINT

Similarly, if you want to do footprinting against an email address then you can do it through this tool.

IP OSINT

You can also scan any host available in the network through this tool.

Bitcoin Address

In addition, one of the most excited features is to extract the details of his bitcoin wallet through a bitcoin address.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Leave a Reply