SpiderFoot is an OSINT automation tool designed for threat intelligence and attack surface mapping. Key features include:
- Extensive Integration: Connects with numerous data sources and employs various data analysis methods.
- Versatile Interface: Offers both a web-based UI and CLI for flexible usage.
- Modular Architecture: Employs a publisher/subscriber model with 200+ modules for maximum data extraction.
- Configurable Correlation Engine: Includes a YAML-based engine with pre-defined rules for data correlation.
- Reporting & Export: Supports CSV, JSON, and GEXF export formats.
- Use Cases:
- Offensive reconnaissance during red team exercises.
- Defensive gathering of information about exposed internet assets.
- Host/sub-domain enumeration and extraction.
- Extraction of email addresses, phone numbers, and human names.
- Bitcoin and Ethereum address identification.
- Vulnerability checks for sub-domain hijacking.
- Threat intelligence and blacklist queries.
