Arguably the biggest SpiderFoot release in years, SpiderFoot 4.0 introduces the concept of writing your own correlation rules in YAML, plus integration with a number of open source security tools. Correlations SpiderFoot’s goal is to automate OSINT collection and analysis to the greatest extent possible. Since its inception, SpiderFoot has heavily focused on automating OSINT […]

Python is a pretty common choice for a lot of security specialists developing tooling due to its elegant syntax and a huge library of handy modules, packages, and libraries. Its interpreted nature means it’s flexible, has dynamic typing, easy to debug, and cross-platform. It’s arguably pretty easy to pick up as well, meaning it’s more […]

We recently published a bunch of posts about the top 5 APIs for Threat Intelligence, Attack Surface Monitoring, Security Assessments and People Investigations, but in this post we’ve asked hakluke to write about OSINT/reconnaissance techniques that don’t leverage any APIs – best of all, they are all free techniques you can use yourself with your […]

SpiderFoot has over 200 modules, many of which were contributed by the community. Modules exist for extracting OSINT from third parties using APIs, but modules also exist for analysing content from the target directly, for example for extracting email addresses from web content. In this post, community contributor Jess Williams documented her experience writing a […]