b i n a r y p o o l

The online home of Steve Micallef


>>> Please note that the Google API-based search no longer works in SpiderFoot as Google no longer offer that service. This will be addressed in SpiderFoot v2. <<<

SpiderFoot is a free, open-source, domain footprinting tool. Given one or multiple domain names (and when I say domains, I'm referring to the DNS kind, not Windows domains), it will scrape the websites on that domain, as well as search Google, Netcraft, Whois and DNS to build up information like:

SpiderFoot is written entirely in C# and is GPL licensed. Check out the Screenshots!

Download it HERE; source code is included.

This is version 0.01b, and has been this way since 2005. A new! improved! release will be coming some time around June/July 2009.

Instructions

It's all GUI driven, so hopefully it should all be pretty self-explanatory. Basically, once you run SpiderFoot.exe:

1) Click on the Config tab and go through each of the sub-tabs to tune the settings to your liking, although the defaults should be fine for most scans. Running the mouse over each option should give a brief summary of what the setting does.
2) Then, go to the Control tab and input all the domains you want to footprint.
3) Finally, select the checkboxes of the methods you want to use for footprinting and click Start.

The Results tab will show results in real-time, and you can click the Save button to save the data to a .CSV file (although the fields themselves are tab separated). Double-clicking on the items listed in each result list will provide a bit more detail.

One final note: SpiderFoot primarily relies on parsing HTML to get a lot of information. This means that if a site has totally insanely malformed HTML, or strange text, etc. in its page, then you'll probably get some strange results. This doesn't mean that SpiderFoot is broken or something is horribly wrong, it just means that SpiderFoot did its best to parse the content and it failed.
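To make the note above concrete, here is an added Python example (not SpiderFoot's code, which is C#) showing how values scraped from messy HTML can be sanity-checked before they are trusted as footprint data. It assumes the data of interest is hostnames found in `href`/`src` attributes; the sample page, the `example.com` target and the function names are all constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

# Constructed sample page with unclosed tags, an unquoted attribute and junk hosts.
SAMPLE = """<html><body>
<a href="http://www.example.com/index.html">home
<a href=http://mail.example.com/login>mail</a>
<img src="http://static..example.com/logo.png">
<a href="http://example.com.evil.test/">lookalike</a>
<a href="http://dev_box.example.com/">dev</a>
<a href="http://[www.example.com/x">broken</a>
<a href="/about.html">about
</body>"""

class LinkCollector(HTMLParser):
    """Collect href/src values; HTMLParser keeps going on broken markup."""
    def __init__(self):
        super().__init__()
        self.raw = []

    def handle_starttag(self, tag, attrs):
        self.raw += [v.strip() for k, v in attrs if k in ("href", "src") and v]

def valid_hostname(host):
    return len(host) <= 253 and all(LABEL.fullmatch(p) for p in host.split("."))

def hosts_in_scope(html, domain):
    """Return (accepted hostnames under `domain`, raw values that were dropped)."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    accepted, rejected = set(), []
    for value in collector.raw:
        try:
            host = (urlsplit(value).hostname or "").lower().rstrip(".")
        except ValueError:  # e.g. an unbalanced "[" in the host part
            rejected.append(value)
            continue
        in_scope = host == domain or host.endswith("." + domain)
        if in_scope and valid_hostname(host):
            accepted.add(host)
        elif host:  # relative links have no hostname and are skipped
            rejected.append(value)
    return sorted(accepted), rejected
```

Keeping the rejected values alongside the accepted ones makes it easy to see which "strange results" came from the page's markup and not from the target itself.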