SpiderFoot – Open Source Intelligence (OSINT) Automation That Utilizes Various Data sources & Range Of Methods For Data Analysis

spiderfoot

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.

SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It’s written in Python 3 and GPL-licensed.

FEATURES

  • Web based UI or CLI
  • Over 200 modules (see below)
  • Python 3
  • CSV/JSON/GEXF export
  • API key export/import
  • SQLite back-end for custom querying
  • Highly configurable
  • Fully documented
  • Visualisations
  • TOR integration for dark web searching
  • Dockerfile for Docker-based deployments
  • Can call other tools like DNSTwist, Whatweb, Nmap and CMSeeK
  • Actively developed since 2012!

WANT MORE?

Need more from SpiderFoot? Check out SpiderFoot HX for:

  • 100% Cloud-based and managed for you
  • Attack Surface Monitoring with change notifications by email, REST and Slack
  • Multiple targets per scan
  • Multi-user collaboration
  • Authenticated and 2FA
  • Correlations
  • Investigations
  • Customer support
  • Third party tools pre-installed & configured
  • Drive it with a fully RESTful API
  • TOR integration built-in
  • Screenshotting
  • Feed scan data to Splunk, ElasticSearch and REST endpoints

See the full set of differences between SpiderFoot HX and the open source version here.

USES

SpiderFoot can be used offensively (e.g. in a red team exercise or penetration test) for reconnaissance of your target or defensively to gather information about what you or your organisation might have exposed over the Internet.

You can target the following entities in a SpiderFoot scan:

  • IP address
  • Domain/sub-domain name
  • Hostname
  • Network subnet (CIDR)
  • ASN
  • E-mail address
  • Phone number
  • Username
  • Person’s name
  • Bitcoin address

SpiderFoot’s 200+ modules feed each other in a publisher/subscriber model to ensure maximum data extraction to do things like:

INSTALLING & RUNNING

To install and run SpiderFoot, you need at least Python 3.7 and a number of Python libraries which you can install with pip. We recommend you install a packaged release since master will often have bleeding edge features and modules that aren’t fully tested.

Stable build (packaged release):

$ wget https://github.com/smicallef/spiderfoot/archive/v3.4.tar.gz
$ tar zxvf v3.4.tar.gz
$ cd spiderfoot
$ pip3 install -r requirements.txt
$ python3 ./sf.py -l 127.0.0.1:5001

Development build (cloning git master branch):

$ git clone https://github.com/smicallef/spiderfoot.git
$ cd spiderfoot
$ pip3 install -r requirements.txt
$ python3 ./sf.py -l 127.0.0.1:5001

Check out the documentation and our asciinema videos for more tutorials.

COMMUNITY

Whether you’re a contributor, user or just curious about SpiderFoot and OSINT in general, we’d love to have you join our community! SpiderFoot now has a Discord server for chat, and a Discourse server to serve as a more permanent knowledge base.

MODULES / INTEGRATIONS

SpiderFoot has over 200 modules, most of which don’t require API keys, and many of those that do require API keys have a free tier.

NameDescriptionLinkType
abuse.chCheck if a host/domain, IP or netblock is malicious according to abuse.ch.https://www.abuse.chFree API
AbuseIPDBCheck if an IP address is malicious according to AbuseIPDB.com blacklist.https://www.abuseipdb.comTiered API
Account FinderLook for possible associated accounts on nearly 200 websites like Ebay, Slashdot, reddit, etc.N/AInternal
AdBlock CheckCheck if linked pages would be blocked by AdBlock Plus.https://adblockplus.org/Tiered API
AhmiaSearch Tor ‘Ahmia’ search engine for mentions of the target.https://ahmia.fi/Free API
AlienVault IP ReputationCheck if an IP or netblock is malicious according to the AlienVault IP Reputation database.https://cybersecurity.att.com/Free API
AlienVault OTXObtain information from AlienVault Open Threat Exchange (OTX)https://otx.alienvault.com/Tiered API
Amazon S3 Bucket FinderSearch for potential Amazon S3 buckets associated with the target and attempt to list their contents.https://aws.amazon.com/s3/Free API
ApilitySearch Apility API for IP address and domain reputation.https://auth0.com/signalsTiered API
Apple iTunesSearch Apple iTunes for mobile apps.https://itunes.apple.com/Internal
Archive.orgIdentifies historic versions of interesting files/pages from the Wayback Machine.https://archive.org/Free API
ARINQueries ARIN registry for contact information.https://www.arin.net/Free API
Azure Blob FinderSearch for potential Azure blobs associated with the target and attempt to list their contents.https://azure.microsoft.com/en-in/services/storage/blobs/Free API
Bad PacketsObtain information about any malicious activities involving IP addresses foundhttps://badpackets.netCommercial API
Bambenek C&C ListCheck if a host/domain or IP appears on Bambenek Consulting’s C&C tracker lists.http://www.bambenekconsulting.com/Free API
Base64 DecoderIdentify Base64-encoded strings in URLs, often revealing interesting hidden information.N/AInternal
BGPViewObtain network information from BGPView API.https://bgpview.io/Free API
Binary String ExtractorAttempt to identify strings in binary content.N/AInternal
BinaryEdgeObtain information from BinaryEdge.io Internet scanning systems, including breaches, vulnerabilities, torrents and passive DNS.https://www.binaryedge.io/Tiered API
Bing (Shared IPs)Search Bing for hosts sharing the same IP.https://www.bing.com/Tiered API
BingObtain information from bing to identify sub-domains and links.https://www.bing.com/Tiered API
Bitcoin FinderIdentify bitcoin addresses in scraped webpages.N/AInternal
Bitcoin Who’s WhoCheck for Bitcoin addresses against the Bitcoin Who’s Who database of suspect/malicious addresses.https://bitcoinwhoswho.com/Tiered API
BitcoinAbuseCheck Bitcoin addresses against the bitcoinabuse.com database of suspect/malicious addresses.https://www.bitcoinabuse.com/Free API
BlockchainQueries blockchain.info to find the balance of identified bitcoin wallet addresses.https://www.blockchain.com/Free API
blocklist.deCheck if a netblock or IP is malicious according to blocklist.de.http://www.blocklist.de/en/index.htmlFree API
BotScoutSearches botscout.com’s database of spam-bot IPs and e-mail addresses.http://botscout.com/Tiered API
botvrij.euCheck if a domain is malicious according to botvrij.eu.https://botvrij.eu/Free API
BuiltWithQuery BuiltWith.com’s Domain API for information about your target’s web technology stack, e-mail addresses and more.https://builtwith.com/Tiered API
C99Queries the C99 API which offers various data (geo location, proxy detection, phone lookup, etc).https://api.c99.nl/Commercial API
CallerNameLookup US phone number location and reputation information.http://callername.com/Free API
CensysObtain information from Censys.iohttps://censys.io/Tiered API
Certificate TransparencyGather hostnames from historical certificates in crt.sh.https://crt.sh/Free API
CINS Army ListCheck if a netblock or IP address is malicious according to cinsscore.com’s Army List.https://cinsscore.com/Free API
CIRCL.LUObtain information from CIRCL.LU’s Passive DNS and Passive SSL databases.https://www.circl.lu/Free API
CleanBrowsing.orgCheck if a host would be blocked by CleanBrowsing.org DNShttps://cleanbrowsing.org/Free API
CleanTalk Spam ListCheck if a netblock or IP address is on CleanTalk.org’s spam IP list.https://cleantalk.orgFree API
ClearbitCheck for names, addresses, domains and more based on lookups of e-mail addresses on clearbit.com.https://clearbit.com/Tiered API
CloudFlare Malware DNSCheck if a host would be blocked by CloudFlare Malware-blocking DNShttps://www.cloudflare.com/Free API
CoinBlocker ListsCheck if a host/domain or IP appears on CoinBlocker lists.https://zerodot1.gitlab.io/CoinBlockerListsWeb/Free API
CommonCrawlSearches for URLs found through CommonCrawl.org.http://commoncrawl.org/Free API
ComodoCheck if a host would be blocked by Comodo DNShttps://www.comodo.com/secure-dns/Free API
Company Name ExtractorIdentify company names in any obtained data.N/AInternal
Cookie ExtractorExtract Cookies from HTTP headers.N/AInternal
Country Name ExtractorIdentify country names in any obtained data.N/AInternal
Credit Card Number ExtractorIdentify Credit Card Numbers in any dataN/AInternal
Crobat APISearch Crobat API for subdomains.https://sonar.omnisint.io/Free API
Cross-ReferencerIdentify whether other domains are associated (‘Affiliates’) of the target by looking for links back to the target site(s).N/AInternal
CRXcavatorSearch CRXcavator for Chrome extensions.https://crxcavator.io/Free API
Custom Threat FeedCheck if a host/domain, netblock, ASN or IP is malicious according to your custom feed.N/AInternal
cybercrime-tracker.netCheck if a host/domain or IP is malicious according to cybercrime-tracker.net.http://cybercrime-tracker.net/Free API
DarksearchSearch the Darksearch.io Tor search engine for mentions of the target domain.https://darksearch.io/Free API
DebounceCheck whether an email is disposablehttps://debounce.io/Free API
DehashedGather breach data from Dehashed API.https://www.dehashed.com/Commercial API
Digital Ocean Space FinderSearch for potential Digital Ocean Spaces associated with the target and attempt to list their contents.https://www.digitalocean.com/products/spaces/Free API
DNS Brute-forcerAttempts to identify hostnames through brute-forcing common names and iterations.N/AInternal
DNS Common SRVAttempts to identify hostnames through brute-forcing common DNS SRV records.N/AInternal
DNS Look-asideAttempt to reverse-resolve the IP addresses next to your target to see if they are related.N/AInternal
DNS Raw RecordsRetrieves raw DNS records such as MX, TXT and others.N/AInternal
DNS ResolverResolves Hosts and IP Addresses identified, also extracted from raw content.N/AInternal
DNS Zone TransferAttempts to perform a full DNS zone transfer.N/AInternal
DNSDBQuery FarSight’s DNSDB for historical and passive DNS data.https://www.farsightsecurity.comTiered API
DNSDumpsterPassive subdomain enumeration using HackerTarget’s DNSDumpsterhttps://dnsdumpster.com/Free API
DNSGrepObtain Passive DNS information from Rapid7 Sonar Project using DNSGrep API.https://opendata.rapid7.com/Free API
DroneBLQuery the DroneBL database for open relays, open proxies, vulnerable servers, etc.https://dronebl.org/Free API
DuckDuckGoQuery DuckDuckGo’s API for descriptive information about your target.https://duckduckgo.com/Free API
E-Mail Address ExtractorIdentify e-mail addresses in any obtained data.N/AInternal
EmailCrawlrSearch EmailCrawlr for email addresses and phone numbers associated with a domain.https://emailcrawlr.com/Tiered API
EmailFormatLook up e-mail addresses on email-format.com.https://www.email-format.com/Free API
EmailRepSearch EmailRep.io for email address reputation.https://emailrep.io/Tiered API
Emerging ThreatsCheck if a netblock or IP is malicious according to emergingthreats.net.https://rules.emergingthreats.net/Free API
Error String ExtractorIdentify common error messages in content like SQL errors, etc.N/AInternal
Ethereum Address ExtractorIdentify ethereum addresses in scraped webpages.N/AInternal
EtherscanQueries etherscan.io to find the balance of identified ethereum wallet addresses.https://etherscan.ioFree API
F-Secure Riddler.ioObtain network information from F-Secure Riddler.io API.https://riddler.io/Commercial API
File Metadata ExtractorExtracts meta data from documents and images.N/AInternal
FlickrSearch Flickr for domains, URLs and emails related to the specified domain.https://www.flickr.com/Free API
Fortiguard.comCheck if an IP is malicious according to Fortiguard.com.https://fortiguard.com/Free API
FraudguardObtain threat information from Fraudguard.iohttps://fraudguard.io/Tiered API
Fringe ProjectObtain network information from Fringe Project API.https://fringeproject.com/Free API
FullContactGather domain and e-mail information from FullContact.com API.https://www.fullcontact.comTiered API
GithubIdentify associated public code repositories on Github.https://github.com/Free API
GLEIFLook up company information from Global Legal Entity Identifier Foundation (GLEIF).https://search.gleif.org/Tiered API
Google MapsIdentifies potential physical addresses and latitude/longitude coordinates.https://cloud.google.com/maps-platform/Tiered API
Google Object Storage FinderSearch for potential Google Object Storage buckets associated with the target and attempt to list their contents.https://cloud.google.com/storageFree API
Google SafeBrowsingCheck if the URL is included on any of the Safe Browsing lists.https://developers.google.com/safe-browsing/v4/lookup-apiFree API
GoogleObtain information from the Google Custom Search API to identify sub-domains and links.https://developers.google.com/custom-searchTiered API
GravatarRetrieve user information from Gravatar API.https://secure.gravatar.com/Free API
Grayhat WarfareFind bucket names matching the keyword extracted from a domain from Grayhat API.https://buckets.grayhatwarfare.com/Tiered API
GreensnowCheck if a netblock or IP address is malicious according to greensnow.co.https://greensnow.co/Free API
grep.appSearch grep.app API for links and emails related to the specified domain.https://grep.app/Free API
GreynoiseObtain information from Greynoise.io’s Enterprise API.https://greynoise.io/Tiered API
HackerOne (Unofficial)Check external vulnerability scanning/reporting service h1.nobbd.de to see if the target is listed.http://www.nobbd.de/Free API
HackerTargetSearch HackerTarget.com for hosts sharing the same IP.https://hackertarget.com/Free API
Hash ExtractorIdentify MD5 and SHA hashes in web content, files and more.N/AInternal
HaveIBeenPwnedCheck HaveIBeenPwned.com for hacked e-mail addresses identified in breaches.https://haveibeenpwned.com/Commercial API
Honeypot CheckerQuery the projecthoneypot.org database for entries.https://www.projecthoneypot.org/Free API
Host.ioObtain information about domain names from host.io.https://host.ioTiered API
Hosting Provider IdentifierFind out if any IP addresses identified fall within known 3rd party hosting ranges, e.g. Amazon, Azure, etc.N/AInternal
Human Name ExtractorAttempt to identify human names in fetched content.N/AInternal
Hunter.ioCheck for e-mail addresses and names on hunter.io.https://hunter.io/Tiered API
Hybrid AnalysisSearch Hybrid Analysis for domains and URLs related to the target.https://www.hybrid-analysis.comFree API
IBAN Number ExtractorIdentify IBAN Numbers in any dataN/AInternal
Iknowwhatyoudownload.comCheck iknowwhatyoudownload.com for IP addresses that have been using BitTorrent.https://iknowwhatyoudownload.com/en/peer/Tiered API
InstagramGather information from Instagram profiles.https://www.instagram.com/Free API
IntelligenceXObtain information from IntelligenceX about identified IP addresses, domains, e-mail addresses and phone numbers.https://intelx.io/Tiered API
Interesting File FinderIdentifies potential files of interest, e.g. office documents, zip files.N/AInternal
Internet Storm CenterCheck if an IP is malicious according to SANS ISC.https://isc.sans.eduFree API
ipapi.comQueries ipapi.com to identify geolocation of IP Addresses using ipapi.com APIhttps://ipapi.com/Tiered API
ipapi.coQueries ipapi.co to identify geolocation of IP Addresses using ipapi.co APIhttps://ipapi.co/Tiered API
IPInfo.ioIdentifies the physical location of IP addresses identified using ipinfo.io.https://ipinfo.ioTiered API
IPQualityScoreDetermine if target is malicious using IPQualityScore APIhttps://www.ipqualityscore.com/Tiered API
ipregistryQuery the ipregistry.co database for reputation and geo-location.https://ipregistry.co/Tiered API
ipstackIdentifies the physical location of IP addresses identified using ipstack.com.https://ipstack.com/Tiered API
JsonWHOIS.comSearch JsonWHOIS.com for WHOIS records associated with a domain.https://jsonwhois.comTiered API
Junk File FinderLooks for old/temporary and other similar files.N/AInternal
KeybaseObtain additional information about target usernamehttps://keybase.io/Free API
KoodousSearch Koodous for mobile apps.https://koodous.com/apks/Free API
Leak-LookupSearches Leak-Lookup.com’s database of breaches.https://leak-lookup.com/Free API
LeakIXSearch LeakIX for host data leaks, open ports, software and geoip.https://leakix.net/Free API
MaltiverseObtain information about any malicious activities involving IP addresseshttps://maltiverse.comFree API
malwaredomainlist.comCheck if a host/domain, IP or netblock is malicious according to malwaredomainlist.com.http://www.malwaredomainlist.com/Free API
malwaredomains.comCheck if a host/domain is malicious according to malwaredomains.com.http://www.malwaredomains.com/Free API
MalwarePatrolSearches malwarepatrol.net’s database of malicious URLs/IPs.https://www.malwarepatrol.net/Tiered API
MetaDefenderSearch MetaDefender API for IP address and domain IP reputation.https://metadefender.opswat.com/Tiered API
Mnemonic PassiveDNSObtain Passive DNS information from PassiveDNS.mnemonic.no.https://www.mnemonic.noFree API
multiproxy.org Open ProxiesCheck if an IP is an open proxy according to multiproxy.org’ open proxy list.https://multiproxy.org/Free API
MySpaceGather username and location from MySpace.com profiles.https://myspace.com/Free API
NameAPICheck whether an email is disposablehttps://www.nameapi.org/Tiered API
NetworksDBSearch NetworksDB.io API for IP address and domain information.https://networksdb.io/Tiered API
NeutrinoAPISearch NeutrinoAPI for IP address info and check IP reputation.https://www.neutrinoapi.com/Tiered API
numverifyLookup phone number location and carrier information from numverify.com.http://numverify.com/Tiered API
Onion.linkSearch Tor ‘Onion City’ search engine for mentions of the target domain.https://onion.link/Free API
Onionsearchengine.comSearch Tor onionsearchengine.com for mentions of the target domain.https://as.onionsearchengine.comFree API
OnypheCheck Onyphe data (threat list, geo-location, pastries, vulnerabilities) about a given IP.https://www.onyphe.ioTiered API
Open Bug BountyCheck external vulnerability scanning/reporting service openbugbounty.org to see if the target is listed.https://www.openbugbounty.org/Free API
Open Passive DNS DatabaseObtain passive DNS information from pdns.daloo.de Open passive DNS database.http://pdns.daloo.de/Free API
OpenCorporatesLook up company information from OpenCorporates.https://opencorporates.comTiered API
OpenDNSCheck if a host would be blocked by OpenDNS DNShttps://www.opendns.com/Free API
OpenPhishCheck if a host/domain is malicious according to OpenPhish.com.https://openphish.com/Free API
OpenStreetMapRetrieves latitude/longitude coordinates for physical addresses from OpenStreetMap API.https://www.openstreetmap.org/Free API
Page InformationObtain information about web pages (do they take passwords, do they contain forms, etc.)N/AInternal
PasteBinPasteBin search (via Google Search API) to identify related content.https://pastebin.com/Tiered API
PGP Key ServersLook up e-mail addresses in PGP public key servers.N/AInternal
PhishStatsDetermine if an IP Address is malicioushttps://phishstats.info/Free API
PhishTankCheck if a host/domain is malicious according to PhishTank.https://phishtank.com/Free API
Phone Number ExtractorIdentify phone numbers in scraped webpages.N/AInternal
Port Scanner – TCPScans for commonly open TCP ports on Internet-facing systems.N/AInternal
ProjectDiscovery ChaosSearch for hosts/subdomains using chaos.projectdiscovery.iohttps://chaos.projectdiscovery.ioCommercial API
PsbdmpCheck psbdmp.cc (PasteBin Dump) for potentially hacked e-mails and domains.https://psbdmp.cc/Free API
PulsediveObtain information from Pulsedive’s API.https://pulsedive.com/Tiered API
PunkSpiderCheck the QOMPLX punkspider.io service to see if the target is listed as vulnerable.https://punkspider.io/Free API
Quad9Check if a host would be blocked by Quad9https://quad9.net/Free API
Recon.devSearch Recon.dev for subdomains.https://recon.devInternal
ReverseWhoisReverse Whois lookups using reversewhois.io.https://www.reversewhois.io/Free API
RIPEQueries the RIPE registry (includes ARIN data) to identify netblocks and other info.https://www.ripe.net/Free API
RiskIQObtain information from RiskIQ’s (formerly PassiveTotal) Passive DNS and Passive SSL databases.https://community.riskiq.com/Tiered API
RobtexSearch Robtex.com for hosts sharing the same IP.https://www.robtex.com/Free API
ScyllaGather breach data from Scylla API.https://scylla.so/Free API
searchcodeSearch searchcode for code repositories mentioning the target domain.https://searchcode.com/Free API
SecurityTrailsObtain Passive DNS and other information from SecurityTrailshttps://securitytrails.com/Tiered API
SeonQueries seon.io to gather intelligence about IP Addresses, email addresses, and phone numbershttps://seon.io/Commercial API
SHODANObtain information from SHODAN about identified IP addresses.https://www.shodan.io/Tiered API
Similar Domain FinderSearch various sources to identify similar looking domain names, for instance squatted domains.N/AInternal
SkymemLook up e-mail addresses on Skymem.http://www.skymem.info/Free API
SlideShareGather name and location from SlideShare profiles.https://www.slideshare.netFree API
SnovGather available email IDs from identified domainshttps://snov.io/Tiered API
Social LinksQueries mtg-bi.com to gather intelligence from social media platforms and dark webhttps://mtg-bi.com/Commercial API
Social Media Profile FinderTries to discover the social media profiles for human names identified.https://developers.google.com/custom-searchTiered API
Social Network IdentifierIdentify presence on social media networks such as LinkedIn, Twitter and others.N/AInternal
SORBSQuery the SORBS database for open relays, open proxies, vulnerable servers, etc.http://www.sorbs.net/Free API
SpamCopQuery various spamcop databases for open relays, open proxies, vulnerable servers, etc.https://www.spamcop.net/Free API
SpamhausQuery the Spamhaus databases for open relays, open proxies, vulnerable servers, etc.https://www.spamhaus.org/Free API
spur.usObtain information about any malicious activities involving IP addresses foundhttps://spur.us/Commercial API
SpyOnWebSearch SpyOnWeb for hosts sharing the same IP address, Google Analytics code, or Google Adsense code.http://spyonweb.com/Tiered API
SpyseSearch Spyse.com Internet assets registry for information about domains, IPv4 hosts, potential vulnerabilities, passive DNS, etc.https://spyse.comTiered API
SSL Certificate AnalyzerGather information about SSL certificates used by the target’s HTTPS sites.N/AInternal
Strange Header IdentifierObtain non-standard HTTP headers returned by web servers.N/AInternal
Subdomain Takeover CheckerCheck if affiliated subdomains are vulnerable to takeover.N/AInternal
Sublist3r PassiveDNSPassive subdomain enumeration using Sublist3r’s APIhttps://api.sublist3r.comFree API
Talos IntelligenceCheck if a netblock or IP is malicious according to talosintelligence.com.https://talosintelligence.com/Free API
TextMagicObtain phone number type from TextMagic APIhttps://www.textmagic.com/Tiered API
ThreatCrowdObtain information from ThreatCrowd about identified IP addresses, domains and e-mail addresses.https://www.threatcrowd.orgFree API
ThreatMinerObtain information from ThreatMiner’s database for passive DNS and threat intelligence.https://www.threatminer.org/Free API
TLD SearcherSearch all Internet TLDs for domains with the same name as the target (this can be very slow.)N/AInternal
Tool – CMSeeKIdentify what Content Management System (CMS) might be used.https://github.com/Tuhinshubhra/CMSeeKTool
Tool – DNSTwistIdentify bit-squatting, typo and other similar domains to the target using a local DNSTwist installation.https://github.com/elceef/dnstwistTool
Tool – NmapIdentify what Operating System might be used.https://nmap.org/Tool
Tool – WhatWebIdentify what software is in use on the specified website.https://github.com/urbanadventurer/whatwebTool
TOR Exit NodesCheck if an IP or netblock appears on the torproject.org exit node list.N/AInternal
TORCHSearch Tor ‘TORCH’ search engine for mentions of the target domain.https://torchsearch.wordpress.com/Free API
TotalHash.comCheck if a host/domain or IP is malicious according to TotalHash.com.https://totalhash.cymru.com/Free API
TrashpandaQueries Trashpanda to gather intelligence about mentions of target in pastesiteshttps://got-hacked.wtfTiered API
TrumailCheck whether an email is disposablehttps://trumail.io/Free API
TwilioObtain information from Twilio about phone numbers. Ensure you have the Caller Name add-on installed in Twilio.https://www.twilio.com/Tiered API
TwitterGather name and location from Twitter profiles.https://twitter.com/Free API
UCEPROTECTQuery the UCEPROTECT databases for open relays, open proxies, vulnerable servers, etc.http://www.uceprotect.net/Free API
URLScan.ioSearch URLScan.io cache for domain information.https://urlscan.io/Free API
VenmoGather user information from Venmo API.https://venmo.com/Free API
ViewDNS.infoReverse Whois lookups using ViewDNS.info.https://viewdns.info/Tiered API
VirusTotalObtain information from VirusTotal about identified IP addresses.https://www.virustotal.com/Tiered API
VoIPBL OpenPBX IPsCheck if an IP or netblock is an open PBX according to VoIPBL OpenPBX IPs.http://www.voipbl.org/Free API
VXVault.netCheck if a domain or IP is malicious according to VXVault.net.http://vxvault.net/Free API
Web Analytics ExtractorIdentify web analytics IDs in scraped webpages and DNS TXT records.N/AInternal
Web Framework IdentifierIdentify the usage of popular web frameworks like jQuery, YUI and others.N/AInternal
Web Server IdentifierObtain web server banners to identify versions of web servers being used.N/AInternal
Web SpiderSpidering of web-pages to extract content for searching.N/AInternal
WhatCMSCheck web technology using WhatCMS.org API.https://whatcms.org/Tiered API
WhoisologyReverse Whois lookups using Whoisology.com.https://whoisology.com/Commercial API
WhoisPerform a WHOIS look-up on domain names and owned netblocks.N/AInternal
WhoxyReverse Whois lookups using Whoxy.com.https://www.whoxy.com/Commercial API
WiGLEQuery WiGLE to identify nearby WiFi access points.https://wigle.net/Free API
WikileaksSearch Wikileaks for mentions of domain names and e-mail addresses.https://wikileaks.org/Free API
Wikipedia EditsIdentify edits to Wikipedia articles made from a given IP address or username.https://www.wikipedia.org/Free API
XForce ExchangeObtain IP reputation and passive DNS information from IBM X-Force Exchangehttps://exchange.xforce.ibmcloud.com/Tiered API
Yandex DNSCheck if a host would be blocked by Yandex DNShttps://yandex.com/Free API
ZetalyticsQuery the Zetalytics database for hosts on your target domain(s).https://zetalytics.com/Tiered API
Zone-H Defacement CheckCheck if a hostname/domain appears on the zone-h.org ‘special defacements’ RSS feed.https://zone-h.org/Free API

Download: https://github.com/smicallef/spiderfoot

Please follow and like us:

Leave a Reply

Your email address will not be published.