New Modules

This release introduces three new modules:

  • sfp_junkfiles: Identification of backup and junk files. Depending on how ‘clean’ the deployment methodology of a target is, you may find scrap files lying around on a web server, for example files ending in .bak, .old and so on. The module also looks for directory names with various extensions like .zip, .tar and others, in case a backup copy of the folder exists. Finally, miscellaneous junk files like ‘x’, ‘out’ ‘Thumbs.db’ and others are searched for. And of course the file names and extension names are all configurable in the SpiderFoot UI.
  • sfp_adblock: All links identified, internal or external, are checked against the AdBlocker list (configurable.) This can be useful to see if the target contains or links to any sites considered as advertising, or in some cases malicious, by AdBlocker – a popular browser plug-in for filtering out advertising and malicious sites.
  • sfp_errors: Pages dynamically generated may contain errors, sometimes revealing interesting information about the site’s back-end. The module basically applies a number of regular expressions to page content in order to identify potential errors. Errors looked for include PHP errors, Oracle errors, ODBC errors and more.


  • DNS module now identifies IPv6 AAAA records for hosts.
  • Malware checker module now also queries

Bug fixes

  • Visualisations of the discovery path were broken in some cases, and this has now been fixed.
  • Bing and Robtex parsing seems to have broken, possibly due to changes in their sites, which is now fixed.