Spiderfoot OSINT reconnaissance
I’ve written it several times before, during a penetration test one of the most important aspects of engaging a target is information gathering. The more information you have coming into an attack, the more likely the attack is to succeed.
I’ve written about Recon-NG, Netcraft, OSINT Framework, knockpy. In this article I’ll be looking at SpiderFoot.
Install Spiderfoot
$ git clone https://github.com/smicallef/spiderfoot.git
$ cd spiderfoot
Install dependencies
$ pip install lxml netaddr M2Crypto cherrypy mako requests bs4 phonenumbers ipaddr ipwhois
Now start server
$ sf.py
And go to URL
Opening ‘Settings’ we can add API keys. Obtain them from here.
Now I’ll create a new scan ofmedium.com:
And obtain info to cross-check with my other tools.
Other Reconnaissance Tools
You can view more articles about other reconnaissance tools here.