SpiderFoot is an open-source OSINT application that comes built into Kali Linux. By combining the APIs of well-known OSINT sites, SpiderFoot helps you analyze in depth the content related to a person, such as email, username, phone number… from open sources on the Internet. In this article, Natuts will guide you through installing and using the SpiderFoot tool for OSINT.
To install and run SpiderFoot, you need Python 3.7 or later and some Python libraries that you can install using pip. In my opinion, you should install the full version from GitHub instead of using the one built into Kali Linux, because the built-in one lacks some features.
SpiderFoot can crawl the following types of target:
- IP address
- Server name
- Subnet (CIDR)
- Email address
- Phone number
- Account name
- Someone’s name
- Bitcoin Address
Choose one of the two versions to install; either one is fine:
Install the stable version
```
wget https://github.com/smicallef/spiderfoot/archive/v4.0.tar.gz
tar zxvf v4.0.tar.gz
cd spiderfoot-4.0
pip3 install -r requirements.txt
python3 ./sf.py -l 127.0.0.1:5001
```
Install the dev version
```
git clone https://github.com/smicallef/spiderfoot.git
cd spiderfoot
pip3 install -r requirements.txt
python3 ./sf.py -l 127.0.0.1:5001
```
Running the command `python3 ./sf.py -l 127.0.0.1:5001` starts SpiderFoot's web interface. Now open your browser and go to 127.0.0.1:5001 to start using SpiderFoot.
Now click New Scan to find information.
- Scan name: Enter any name
- Scan Target: Enter the information you want to track and search, for example someone's username. Note that if you are looking for username information, you must put the username in quotes. Example: `"anonyviet"`
- Leave the rest of the settings at their defaults so that SpiderFoot scans from all sources.
- Then scroll down to the bottom of the page and press Run Scan Now.
Scanning may take a while, about 5-10 minutes. Leave the browser and the Terminal open; don't close them. Watch the Terminal and you'll see that the scan is active.
On the web side, the status shows Running.
Wait until the Terminal logs Scan [8F27F4E6] completed. The web interface will also show Finished, and you can view the results. Now you can enter
For example, going to Account on External Site shows the social network accounts related to anonyviet. But it is not certain that every anonyviet account belongs to anonyviet.com. So once the results are available, you need to classify and filter them further to get accurate information about the person you are looking for on the Internet.
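One way to do a first pass of that filtering, as an added example that is not part of the original article or of SpiderFoot's own code. It assumes the scan results were exported to CSV with the columns Updated, Type, Module, Source, F/P, Data, and that account rows carry the site name on the first line of Data and the profile URL on the second; the sample rows and the example domains are constructed.

```python
import csv, io, re
from urllib.parse import urlparse

# Constructed sample in the assumed SpiderFoot CSV export layout (not real scan output).
SAMPLE_EXPORT = '''Updated,Type,Module,Source,F/P,Data
2024-01-01 10:00:00,ACCOUNT_EXTERNAL_OWNED,sfp_accounts,anonyviet,0,"ExampleHub (Category: coding)
https://hub.example/anonyviet"
2024-01-01 10:00:02,ACCOUNT_EXTERNAL_OWNED,sfp_accounts,anonyviet,0,"ExampleHub (Category: coding)
https://hub.example/anonyviet"
2024-01-01 10:00:05,ACCOUNT_EXTERNAL_OWNED,sfp_accounts,anonyviet,1,"ExampleChat (Category: social)
https://chat.example/u/anonyviet"
2024-01-01 10:00:07,ACCOUNT_EXTERNAL_OWNED,sfp_accounts,anonyviet,0,"ExamplePics (Category: images)
https://pics.example/anonyviet_fans"
2024-01-01 10:00:09,USERNAME,sfp_accounts,anonyviet,0,anonyviet
'''

# Assumption: the Type column holds either the event code or its display label.
ACCOUNT_TYPES = {"ACCOUNT_EXTERNAL_OWNED", "Account on External Site"}

def triage_accounts(export_text, username):
    """Return deduplicated account findings, each labelled for manual review."""
    findings, seen = [], set()
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["Type"] not in ACCOUNT_TYPES or row["F/P"] == "1":
            continue  # other data types, or already marked as a false positive
        site, _, url = row["Data"].partition("\n")
        url = url.strip()
        if not url or url in seen:
            continue  # malformed row or duplicate profile URL
        seen.add(url)
        # Last path segment of the profile URL is treated as the account handle.
        handle = urlparse(url).path.rstrip("/").rsplit("/", 1)[-1]
        exact = handle.lower() == username.lower()
        findings.append({
            "site": re.sub(r"\s*\(Category:.*\)$", "", site),
            "url": url,
            # An exact handle match is still only a lead, never proof of ownership.
            "status": "exact-handle, verify manually" if exact else "partial match, low confidence",
        })
    return sorted(findings, key=lambda f: (f["status"], f["site"]))

if __name__ == "__main__":
    for f in triage_accounts(SAMPLE_EXPORT, "anonyviet"):
        print(f'{f["status"]:32} {f["site"]:12} {f["url"]}')
```

Every row that survives still has to be checked by hand, since the same handle on different sites can belong to different people.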
You can find more results in the other menus. In addition, you can sign up for the APIs of OSINT search services and integrate them into SpiderFoot under the Settings menu to get more results from other, deeper sources.