OSINT Research Using Username, E-mail, Phone Number, and Many More
Today I will introduce you to a tool called SpiderFoot. SpiderFoot automates OSINT gathering process to find anything about your target, centralized in one single tool.
Installation Process
Open terminal and put in
git clone https://github.com/smicallef/spiderfoot.gitNow let’s go to the directory where you have cloned SpiderFoot.
cd spiderfootUsage
Now we will create a virtual environment in a directory called “env”.
python3 -m venv envNow we make the virtual environment active.
source env/bin/activate(env)We have to install the Python requirements now.
pip install -r requirements.txtWe can open up a web UI by doing this.
python3 sf.py -l 127.0.0.1:8080When we do this, you’ll be given a link that you can click on in your terminal. Click the link and you will be directed to a website where you can track your scanning. It should look like this.
The website where you can start scanning will look like this.
As you can see, to the right of the screen the website explains the different “Scan Target” you can use, for this demo I’ll be using a username which is used by a famous R&B group “MajidJordan”. For the scan name I put “test5” and the scan target I put it in quotations as the website says “majidjordan”. Once you click enter or run scan, if you check on top of the website you will find a section that says “Scans” you can click on that and wait for your scan to be finished, it can take a few minutes to be done so be patient. Once the scan is done it should look something like this.
Now, let’s click on the test name which in this case is “test5”, you will then be met with this page.
If we click on “Account on External Site” we can find any kind of accounts linked to the name “majidjordan” through this I was able to find their Instagram, Tiktok, Youtube, and Soundcloud.
I encourage you to mess around and have different scan targets such as IPv6 addresses, phone numbers and many more. If you enjoyed this article please leave a follow or a clap and happy hacking!