
Spider Foot

SpiderFoot is an open-source OSINT automation tool that gathers information from over 200 public data sources for cybersecurity and investigative research. It features web-based and command-line interfaces, customizable modules, and generates visualized reports. The installation and usage instructions are provided, along with detailed configuration options for various types of data collection during scans.

Uploaded by

233633

SpiderFoot

OSINT Framework
Introduction:
SpiderFoot is an open-source intelligence (OSINT) automation tool that collects
information about a given target from over 200 public data sources. It is widely
used for reconnaissance in cybersecurity, penetration testing, and investigative
research.
Features:
• Automates the collection of OSINT data from multiple sources.
• Supports over 200 data sources including WHOIS, DNS, search engines, social media, and breach databases.
• Provides web-based and command-line interfaces.
• Generates visualized reports and detailed insights.
• Highly customizable through modules and scripting.
• Supports API integration for automation.
Installation:
Install SpiderFoot on Kali Linux with the following command:
sudo apt install spiderfoot
How to use:
• Run SpiderFoot on Kali Linux with the following command:
spiderfoot -l <local host ip>:<port number>

• This will open the SpiderFoot GUI.

• Click on the New Scan option.

• Give the scan a name and enter the scan target you want. In my case the target is eccouncil.org.

• By Use Case: Quick scan setup using pre-defined investigation scenarios.
• By Required Data: Focus on gathering specific data types regardless of modules.
• By Module: Complete manual control over individual SpiderFoot modules.

Now configure the SpiderFoot scan.

• Account on External Site: Checks if the target is associated with accounts on various external websites.
• Affiliate - Domain Name: Identifies domain names associated with the target as affiliates.
• Affiliate - Domain Whois: Retrieves WHOIS information for identified affiliate domains.
• Affiliate - IP Address: Finds IP addresses associated with the target's affiliates.
• Affiliate - Internet Name: Resolves internet names (hostnames) associated with affiliates.
• Affiliate - Web Content: Scans the web content of affiliate websites for relevant information.
• Compromised Password Hash: Checks if any password hashes associated with the target have been compromised.
• Country Name: Determines the country associated with the target's IP addresses or domains.
• DNS SPF Record: Retrieves the target domain's SPF (Sender Policy Framework) record.
• DNS TXT Record: Retrieves the TXT records for the target domain.
• Domain Name: Identifies domain names associated with the target.
• Email Address: Finds email addresses associated with the target.
• Email Address - Generic: Identifies generic email addresses (e.g., info@, support@) associated with the target.

• After that, click the “Run Scan” option. The scan will take some time to complete. After the scan, the results are as follows.
• After the data has been scanned, the results are given in the form of a bar chart.

• This portion shows the findings.

• These headers provide valuable information about the server's configuration, security policies, and how it interacts with browsers. They can be useful for understanding the website's infrastructure and identifying potential security vulnerabilities. The presence of Cloudflare is also a key finding.
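
As an added example (not part of the original document and not SpiderFoot's own code), the following Python code shows how a defender could review a captured response-header block for the points above: which security-policy headers are set, what the server discloses about itself, and whether Cloudflare fronts the site. The sample response, the header lists and the function names are constructed for illustration.

```python
import re

# Response headers that set browser-side security policy (standard header names).
POLICY_HEADERS = ("strict-transport-security", "content-security-policy",
                  "x-frame-options", "x-content-type-options", "referrer-policy")
# Headers that commonly disclose server or proxy details.
DISCLOSURE_HEADERS = ("server", "x-powered-by", "via")

# Constructed sample, not output from the scan described on this page.
SAMPLE = """HTTP/1.1 200 OK
Server: cloudflare
CF-RAY: 0000000000000000-XXX
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Powered-By: ExampleFramework/1.0
"""

def parse_headers(raw):
    """Return {lowercased name: [values]}; names are case-insensitive and may repeat."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:  # first line is the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """Summarise policy headers, disclosed details and Cloudflare indicators."""
    h = parse_headers(raw)
    report = {
        "present": [n for n in POLICY_HEADERS if n in h],
        "missing": [n for n in POLICY_HEADERS if n not in h],
        "disclosed": {n: h[n][0] for n in DISCLOSURE_HEADERS if n in h},
        # Cloudflare fronts the site if it sets CF-RAY or names itself in Server.
        "cloudflare": "cf-ray" in h
                      or any(v.lower() == "cloudflare" for v in h.get("server", [])),
        "weak": [],
    }
    # A header that is present can still be ineffective: max-age=0 switches HSTS off.
    hsts = " ".join(h.get("strict-transport-security", []))
    m = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
    if m and int(m.group(1)) == 0:
        report["weak"].append("strict-transport-security: max-age=0 disables HSTS")
    if "x-content-type-options" in h and h["x-content-type-options"][0].lower() != "nosniff":
        report["weak"].append("x-content-type-options: value is not nosniff")
    return report

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```
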

• Email address fetched (can be used to fetch leaked passwords and password hashes)

• Status code allowed only for the mentioned URLs

• This SpiderFoot graph visualization shows the identified email address [email protected] as a central node, with numerous related data points (black nodes) connected to it, indicating the tool has found multiple connections or associations related to this email during the scan.
