cookie
We use cookies

This website use cookies to give you the best, most relevant experience. By continuing to use this website you’re accepting this. If you wish to find out more, click this link (or by clicking the Privacy link at the bottom of any page)

The OSINT Platform for

Security Assessments.

Threat Intelligence.

Asset Discovery.

Attack Surface Monitoring.

SpiderFoot automates OSINT collection and helps you find what matters.
Download

Open source edition

or

Immediate free access to SpiderFoot HX

icon integrations
primary icon

OSINT.  Automated.

No matter your use case, SpiderFoot will save you time by automating the collection and surfacing of interesting OSINT

Cyber Threat Intelligence

Found a suspicious IP address or other indicators in your logs that you need to investigate? Maybe you want to dig deeper into the e-mail address used, or the links referenced in a recent phishing campaign your organization faced?

Learn more
scanning
Asset Discovery

With over 200 modules for data collection and analysis, you can be confident that with SpiderFoot you’ll be gaining the most comprehensive view into the Internet-facing attack surface of your organization.

Learn more
works2
Security Assessments

Red teams and penetration testers love SpiderFoot due to it’s broad OSINT reach and identification of low hanging fuit, revealing long-forgotten and unmanaged IT assets, exposed credentials, open cloud storage buckets and much more.

Learn more
works3
Attack Surface Monitoring

What if e-mail addresses on your organization’s domain suddenly appeared in a data breach, or if an IP address on your network appeared in a botnet tracker? Use SpiderFoot to continually monitor OSINT data sources and detect when new intelligence is discovered about your organization.

Learn more

Features

Integrations

There’s probably no OSINT data source that SpiderFoot doesn’t already have an integration for today. And if you want to see one added, simply put in a request. Its modular open source architecture means it can usually implement it in days, not months.

Do you use another tool for the initial reconnaissance phase or have a list of entities you’ve extracted from logs locally? No problem, import your list of targets from Hunchly or CSV and let SpiderFoot take care of the deeper data collection.

Prefer working with the results on the command line or your own offline database? With SpiderFoot you can easily export the data into JSON, CSV or GEXF format. You should never have the fear of lock-in by proprietary databases or file formats. It’s your data, your way.

If you want to be notified when a scan completes, or when the OSINT data out there about your target changes, you can configure SpiderFoot HX to send notifications to Slack, generic Web-hooks and/or e-mail.

Recent News

SpiderFoot is continuously growing. Check us out on Twitter for the latest news.