We use cookies

This website use cookies to give you the best, most relevant experience. By continuing to use this website you’re accepting this. If you wish to find out more, click this link (or by clicking the Privacy link at the bottom of any page)

SpiderFoot HX:
OSINT for Professionals

Immediate free access to SpiderFoot HX

SpiderFoot HX Features

For professionals who want to automate OSINT for threat intelligence, asset discovery, attack surface monitoring or security assessments

Scan, Investigate, Monitor

Collect OSINT without the toil

Are you still using ad-hoc scripts to query APIs, scrape websites and filter through false positives? SpiderFoot HX enables you to “fire and forget” scan to collect OSINT from over 100 data sources without writing a single line of code.

Get to interesting data more quickly

Aside from normalizing scan results for you and giving you a range of ways to work with the data, SpiderFoot HX also automatically analyzes scan data to identify data points that may be of most interest through its Correlations feature.

Know when data changes

Run scans automatically daily, weekly or monthly and be notified of any changes that were identified, such as newly exposed ports, new data breaches or newly identified vulnerabilities.

One API to rule them all

If web interfaces aren’t your thing, you’ll be pleased to know that SpiderFoot HX provides a RESTful API to run scans, query data and more. Use one API to integrate with all of your OSINT APIs.

Putting the Open into OSINT

Write your own modules in Python and run them in the cloud, and have scan data fed in real time to your Splunk or ElasticSearch instance.


What's the difference between the open source version and SpiderFoot HX?

The open source version of SpiderFoot is great if you're starting out with OSINT, or are happy to install and manage SpiderFoot yourself and don't need any of the advanced features of SpiderFoot HX such as monitoring, correlations, etc. Check out this resource for an overview of the differences between the two.

What payment methods are supported?

Each plan can be subscribed to using a credit card or PayPal which will be charged monthly/annually on the anniversary of your initial subscription. Ordering with a purchase order and payment by wire transfer is also possible, however only for annual subscriptions of the Professional and Enterprise plans. We do not support payment by cryptocurrency.

How are scans counted?

Every scan you run under the 'Scans' section, and every time a Monitor runs to check your target(s), a scan is performed and therefore counted towards your quota. Investigations are not counted.

What exactly is a target and how is it counted?

When you run a SpiderFoot HX scan or set up a Monitor, you need to specify the targets for that scan, which can be an IP address, subnet, ASN, e-mail address, name, domain name and so on. Each one of these counts as one target except for subnets, which count as the number of IP addresses in that subnet. For instance, if you scan "", that's one target. If you scan "", that's 255 targets. If your scan targets "", "", "" and "", that's 1 + 1 + 255 + 1 = 258 targets.

What if I want to subscribe just for one month?

Once you have subscribed, simply cancel the subscription. Then, on the effective cancellation date (the date until when you have paid), you will be automatically switched back to the free Hobby plan.

Do any plans have API keys for the different data sources included?

No, in all cases you must obtain your own API keys for the different services you wish to use.

What people are saying