It’s been a long time in the making, but the latest version of SpiderFoot HX is now alive and kicking in production! This is a mammoth release consisting of features across every aspect of the platform…

15 New Modules + Improvements

We’ve finally crossed the 200 module mark! This release includes 15 new modules across a few different categories, plus improvements to existing modules.

We’re always on the look out for new data sources to pull in ever more OSINT and many of the below were contributions from our open source community, primarily @_bcoles. Get in touch with us if you’d like to see a data source added or already have some custom modules to contribute!

Host and Sub-domain Identification

Threat Intelligence

Enrichment & more

Module Improvements

  • Emailrep module now takes an API key
  • Spyse module has been updated to use API v3
  • Scylla module has been updated to use their new API
  • Many other miscellaneous bug fixes, false positive reductions and data quality improvements

Video Tutorials

Available from within the UI and also our YouTube channel, we produced 6 short videos (with more to follow!) to illustrate key aspects of the SpiderFoot HX interface. Here’s the first video on how to run a scan:

Check out our YouTube channel for more.

Overhauled Browsing Interface

The interface for browsing scan data has been completely overhauled. Check out this short video to get a glimpse into the new capabilities, but the best way is to log in (or create an account if you haven’t already) and try it out first hand!

Monitoring Timeline

One of the main use cases for SpiderFoot is attack surface monitoring, so viewing the changes in your OSINT profile over time is essential. The new interface breaks down all identified changes (correlations and data elements) over time:

API key Instructions

Due to popular demand, we’ve embedded instructions in the API Key Manager on how to obtain the API keys for each source, including links to the data sources:

Each API key includes instructions on how to obtain the key.

Bitcoin Addresses as Targets

Up until now, SpiderFoot would extract Bitcoin addresses found during scans and look them up in the blockchain to get their balance. Now, Bitcoin addresses have become a first class citizen in SpiderFoot HX, so you can target them for intelligence gathering leveraging the two new modules (BitcoinAbuse and BitcoinWhosWho) to determine whether they have been reported as part of any scams.

So Much More

Here’s a glimpse into some of the other improvements that made their way into this release:

  • Star data for quickly getting to data you found interesting during data browsing
  • Select modules by category when running scans
  • Entity history in the entity detail pop-up
  • Exports of filtered data are now possible
  • Many bug fixes

Feel free to register for a SpiderFoot HX account (instant access, no credit card needed) if you haven’t already.