SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet.
SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you.
+ Utilises a shedload of data sources; over 40 so far and counting, including SHODAN, RIPE, Whois, PasteBin, Google, SANS and more.
+ Designed for maximum data extraction; every piece of data is passed on to modules that may be interested, so that they can extract valuable information. No piece of discovered data is saved from analysis.
+ Runs on Linux and Windows. And fully open-source so you can fork it on GitHub and do whatever you want with it.
+ Web-based UI. No cumbersome CLI or Java to mess with. Easy to use, easy to navigate. Take a look through the gallery for screenshots.
+ Highly configurable. Almost every module is configurable so you can define the level of intrusiveness and functionality.
+ Modular. Each major piece of functionality is a module, written in Python. Feel free to write your own and submit them to be incorporated!
+ SQLite back-end. All scan results are stored in a local SQLite database, so you can play with your data to your heart’s content.
+ Simultaneous scans. Each footprint scan runs as its own thread, so you can perform footprinting of many different targets simultaneously.
+ So much more.. check out the documentation for more information.