OSINT tool — SpiderFoot for N00bs

A quick tutorial to begin using this Open Source Intelligence tool

This article will provide instructions to install and use the OSINT tool Spiderfoot for the first time. OSINT tools can be used to gather intelligence about IP addresses, domain names, email addresses from many data sources such as Shodan, Whois, “Have I Been Pwned” and many more public data sources. Note that all the results than can be obtained through the use of OSINT tool can also be collected manually

Besides the free version of this tool which is an open-source project written in Python3 available for download, there is also a commercial version Spiderfoot HX that is hosted in the cloud as SaaS. However, this article is restricted to the free version.

Installation

Installing SpiderFoot in Ubuntu Linux OS requires the execution of the following commands to set up the environment and download the software:

Start the Web application listening to port 7777

Open the browser and navigate to localhost on port 7777.

Click New Scan to start a new scan

Give the scan a name and enter the target in the field Seed Target, which defines the target and is described below

There exist 3 categories to choose a scan profile from:

  1. By Use Case
  2. By Required Data
  3. By Module

In the case of ‘By Module’, there are many modules with a lock sign behind the name indicate that the module requires an API key that needs to be entered by the user manually through the Setting menu.

Running a scan

This scan will target the personal website of Steve Micallef (Spiderfoot author), using all the modules that don’t require API keys.

After clicking Run Scan button, the scan results will start to appear while scanning is still going on. Click on Status for the results

Click on Browse to see results categorized by data type

Click on Graph to view the relational overview

Click on Log to see detailed scanning information about the module and data obtained.

This was my beginner’s guide to use Spiderfoot for OSINT. After familiarizing myself with the tool, I plan to write another article about how to use this tool in a real use case scenario.

2do: add password and TLS description in the example.

Running IT security analyst. Passionate about (wireless) networks and security overall