SpiderFoot
Automated OSINT platform. Given a seed (domain, IP, email, username, etc.), runs 200+ modules to gather intelligence from public sources and correlates the results into a graph.
Install
# Python (pip)
pip install spiderfoot
spiderfoot -l 127.0.0.1:5001 # web UI
# Docker
docker run -p 5001:5001 -v spiderfoot_data:/home/spiderfoot/.spiderfoot \
spiderfoot/spiderfoot
# Kali
apt install spiderfootUsage — web UI
spiderfoot -l 0.0.0.0:5001 # start web server
# Open http://localhost:5001
# New Scan → enter target → select modules → runUsage — CLI
# Quick scan with all modules
spiderfoot -s example.com -t INTERNET_NAME -m all -q
# Specific modules
spiderfoot -s example.com -m sfp_dnsresolve,sfp_ssl,sfp_whois
# List modules
spiderfoot -M
# Output to CSV
spiderfoot -s example.com -m all -o csv -f results.csvTarget types
INTERNET_NAME (domain) · IP_ADDRESS · EMAILADDR · USERNAME · PHONE_NUMBER · HUMAN_NAME · BGP_AS_MEMBER
Key modules
| Module | Source |
|---|---|
sfp_dns* | DNS enumeration |
sfp_shodan | Shodan (API key required) |
sfp_hunter | Hunter.io emails |
sfp_whois | WHOIS records |
sfp_ssl | TLS certificate info |
sfp_github | GitHub exposure |
sfp_passivedns | Passive DNS history |
sfp_crt | Certificate Transparency |