SpiderFoot: Open source OSINT automation tool
Python reconnaissance framework with 200+ OSINT modules.
Learn more about spiderfoot
SpiderFoot is an OSINT automation framework written in Python 3 that aggregates data from over 200 modules to perform reconnaissance on various entity types including IP addresses, domains, email addresses, and usernames. The tool uses a publisher/subscriber model where modules feed data to each other, enabling multi-stage reconnaissance workflows such as subdomain enumeration, threat intelligence lookups, and breach database searches. It includes a SQLite backend for data storage, a YAML-configurable correlation engine with predefined rules, and support for exporting results in CSV, JSON, and GEXF formats. SpiderFoot can be deployed via web interface, command-line, or Docker, and supports integration with external tools like Nmap, DNSTwist, and Whatweb.
Modular Pipeline Architecture
Over 200 modules operate in a publisher/subscriber pattern where output from one module automatically feeds into others. Enables complex multi-stage reconnaissance workflows like subdomain enumeration followed by threat intelligence lookups without manual data passing.
Multiple Deployment Options
Ships with embedded web UI, full-featured CLI, and Docker support in a single package. Run scripted operations headless or use the graphical interface for interactive investigations without switching tools.
YAML Correlation Engine
Includes 37 predefined rules that automatically identify relationships and patterns across collected data. Query results directly from the SQLite backend for custom analysis beyond the built-in correlation logic.
from spiderfoot import SpiderFootScanner
# Initialize scanner and start a basic scan
scanner = SpiderFootScanner()
scan_id = scanner.startScan(
name="Target Domain Scan",
target="example.com",
modules=["sfp_dnsresolve", "sfp_whois", "sfp_emailformat"]
)
print(f"Scan started with ID: {scan_id}")Release notes do not specify breaking changes, requirements, or migration steps; refer to external link for details.
- –Review full release notes at spiderfoot.net to identify any breaking changes or upgrade requirements before deploying.
- –Verify compatibility with existing integrations and configurations as raw notes provide no technical detail.
Release notes do not specify breaking changes, requirements, or migration steps. External link provided but content not included in raw notes.
- –Review full release notes at spiderfoot.net to identify any breaking changes or upgrade requirements.
- –No actionable details available in provided release text; consult external documentation before upgrading.
Release notes do not specify breaking changes, requirements, or migration steps; details available only at external URL.
- –Review full release notes at spiderfoot.net to identify any breaking changes or upgrade requirements.
- –No actionable details provided in the GitHub release text; consult external documentation before upgrading.
See how people are using spiderfoot
Top in Security
Related Repositories
Discover similar tools and frameworks used by developers
fail2ban
Log-based intrusion prevention via dynamic firewall management.
OSINT-Framework
Structured web catalog of free OSINT tools.
nuclei
Template-based multi-protocol security scanner for CI/CD pipelines.
Mobile-Security-Framework-MobSF
Automated pen-testing for Android, iOS, and Windows applications.
grype
Detect vulnerabilities in container images and filesystems.