OSINT Automation Tool — Spiderfoot
Information gathering is a first step in the cybersecurity, to discover and collect information about the target. When you’re getting into a new thing, you should research and gather some information about that, so it will help move further.
Spiderfoot is an OSINT automation tool used for threat intelligence and identifying attack surface. Based on the scan target, it gather information. The scan targets maybe a Domain/ Sub domain, Hostnames, Email addresses, IPv4 and v6 addresses, ASN, Phone numbers, Usernames, and Bitcoin addresses. It has over 200+ modules, some don’t require API keys and many require API Keys. we can easily extract data based on data type,data family, data source, module & module category. It has open source version’s Spiderfoot HX to upgrade more functionality.
Features of Spiderfoot
- It has web based UI & CLI
- We can export data in any formats like CSV/JSON/GEXF
- we can import/export API Keys
- It also provide visualize about the scan,visualize like Node graph, Treemap, Sankey Diagram, & chord Diagram
- It has built-in TOR integration for dark web searching
- We could call other tools like DNSTwist, Whatweb, Nmap and CMSeeK
How Spiderfoot will work?
So, Here’s an example screenshot to gather information about a user name “James Bond”.
We have to select the scan name and targets. Here our target is to gather information about the username. Once we entered the username, the scan starts and it will find out the social media account and other information with that username.Use help option to view about the scan target details.
Here we got the information that are associated with “james bond” username. The graph option shows the graphical representation of scanned elements, unique elements and errors during scan. This data is exportable and searchable.
Correlation will help to look for condition that investigate immediately based on during and completion of a scan. The visualize nodegraph to focus more on the data. Hover over the node displays the details of the target. Here visualize displays the external social media accounts that are associated with name James bond.
This reconnaissance tool will be interesting and help you find more information about the target.
Thanks for reading…