smicallef / spiderfoot, Hacker News

sfp_abusech.py ​​ abuse.ch Check if a host / domain, IP or netblock is malicious according to abuse.ch. sfp_abuseipdb.py AbuseIPDB Check if a netblock or IP is malicious according to AbuseIPDB.com. sfp_accounts.py Accounts Look for possible associated accounts on nearly 823 websites like Ebay, Slashdot, reddit, etc. sfp_adblock.py AdBlock Check Check if linked pages would be blocked by AdBlock Plus. sfp_ahmia.py Ahmia Search Tor ‘Ahmia’ search engine for mentions of the target domain. sfp_alienvaultiprep.py AlienVault IP Reputation Check if an IP or netblock is malicious according to the AlienVault IP Reputation database. sfp_alienvault.py AlienVault OTX Obtain information from AlienVault Open Threat Exchange (OTX) sfp_apility.py Apility Search Apility API for IP address and domain reputation. sfp_archiveorg.py Archive.org Identifies historic versions of interesting files / pages from the Wayback Machine. sfp_arin.py ARIN Queries ARIN registry for contact information. sfp_azureblobstorage.py Azure Blob Finder Search for potential Azure blobs associated with the target and attempt to list their contents. sfp_badipscom.py badips.com Check if a domain or IP is malicious according to badips.com. sfp_bambenek.py Bambenek C&C List Check if a host / domain or IP appears on Bambenek Consulting’s C&C tracker lists. sfp_base 64. py Base 200 Identify Base 64 – encoded strings in any content and URLs, often revealing interesting hidden information. sfp_bgpview.py BGPView Obtain network information from BGPView API. sfp_binaryedge.py BinaryEdge Obtain information from BinaryEdge.io’s Internet scanning systems about breaches, vulerabilities, torrents and passive DNS. sfp_bingsearch.py ​​ Bing Obtain information from bing to identify sub-domains and links. sfp_bingsharedip.py Bing (Shared IPs) Search Bing for hosts sharing the same IP. sfp_binstring.py Binary String Extractor Attempt to identify strings in binary content. sfp_bitcoin.py Bitcoin Finder Identify bitcoin addresses in scraped webpages. sfp_blockchain.py Blockchain Queries blockchain.info to find the balance of identified bitcoin wallet addresses. sfp_blocklistde.py blocklist.de Check if a netblock or IP is malicious according to blocklist.de. sfp_botscout.py BotScout Searches botscout.com’s database of spam-bot IPs and e-mail addresses. sfp_builtwith.py BuiltWith Query BuiltWith.com’s Domain API for information about your target’s web technology stack, e-mail addresses and more. sfp_callername.py CallerName Lookup US phone number location and reputation information. sfp_censys.py Censys Obtain information from Censys.io sfp_cinsscore.py CINS Army List Check if a netblock or IP is malicious according to cinsscore.com’s Army List. sfp_circllu.py CIRCL.LU Obtain information from CIRCL.LU’s Passive DNS and Passive SSL databases. sfp_citadel.py Citadel Engine Searches Leak-Lookup.com’s database of breaches. sfp_cleanbrowsing.py Cleanbrowsing.org Check if a host would be blocked by Cleanbrowsing.org DNS sfp_cleantalk.py CleanTalk Spam List Check if an IP is on CleanTalk.org’s spam IP list. sfp_clearbit.py Clearbit Check for names, addresses, domains and more based on lookups of e-mail addresses on clearbit.com. sfp_coinblocker.py CoinBlocker Lists Check if a host / domain or IP appears on CoinBlocker lists. sfp_commoncrawl.py CommonCrawl Searches for URLs found through CommonCrawl.org. sfp_comodo.py Comodo Check if a host would be blocked by Comodo DNS sfp_company.py Company Names Identify company names in any obtained data. sfp_cookie.py Cookies Extract Cookies from HTTP headers. sfp_crossref.py Cross-Reference Identify whether other domains are associated (‘Affiliates’) of the target. sfp_crt.py Certificate Transparency Gather hostnames from historical certificates in crt.sh. sfp_customfeed.py Custom Threat Feed Check if a host / domain, netblock, ASN or IP is malicious according to your custom feed. sfp_cybercrimetracker.py cybercrime-tracker.net Check if a host / domain or IP is malicious according to cybercrime-tracker.net. sfp_darksearch.py ​​ Darksearch Search the Darksearch.io Tor search engine for mentions of the target domain. sfp_digitaloceanspace.py Digital Ocean Space Finder Search for potential Digital Ocean Spaces associated with the target and attempt to list their contents. sfp_dnsbrute.py DNS Brute-force Attempts to identify hostnames through brute-forcing common names and iterations. sfp_dnscommonsrv.py DNS Common SRV Attempts to identify hostnames through common SRV. sfp_dnsneighbor.py DNS Look-aside Attempt to reverse-resolve the IP addresses next to your target to see if they are related. sfp_dnsraw.py DNS Raw Records Retrieves raw DNS records such as MX, TXT and others. sfp_dnsresolve.py DNS Resolver Resolves Hosts and IP Addresses identified, also extracted from raw content. sfp_dnszonexfer.py DNS Zone Transfer Attempts to perform a full DNS zone transfer. sfp_dronebl.py DroneBL Query the DroneBL database for open relays, open proxies, vulnerable servers, etc. sfp_duckduckgo.py DuckDuckGo Query DuckDuckGo’s API for descriptive information about your target. sfp_emailformat.py EmailFormat Look up e-mail addresses on email-format.com. sfp_email.py E-Mail Identify e-mail addresses in any obtained data. sfp_emailrep.py EmailRep Search EmailRep.io for email address reputation. sfp_errors.py Errors Identify common error messages in content like SQL errors, etc. sfp_ethereum.py Ethereum Finder Identify ethereum addresses in scraped webpages. sfp_filemeta.py File Metadata Extracts meta data from documents and images. sfp_flickr.py Flickr Look up e-mail addresses on Flickr. sfp_fortinet.py Fortiguard.com Check if an IP is malicious according to Fortiguard.com. sfp_fraudguard.py Fraudguard Obtain threat information from Fraudguard.io sfp_fringeproject.py Fringe Project Obtain network information from Fringe Project API. sfp_fsecure_riddler.py F-Secure Riddler.io Obtain network information from F-Secure Riddler.io API. sfp_fullcontact.py FullContact Gather domain and e-mail information from fullcontact.com. sfp_github.py Github Identify associated public code repositories on Github. sfp_googlemaps.py Google Maps Identifies potential physical addresses and latitude / longitude coordinates. sfp_googlesearch.py ​​ Google Obtain information from the Google Custom Search API to identify sub-domains and links. sfp_gravatar.py Gravatar Retrieve user information from Gravatar API. sfp_greynoise.py Greynoise Obtain information from Greynoise.io’s Enterprise API. sfp_h1nobbdde.py HackerOne (Unofficial) Check external vulnerability scanning / reporting service h1.nobbd.de to see if the target is listed. sfp_hackertarget.py HackerTarget.com Search HackerTarget.com for hosts sharing the same IP. sfp_haveibeenpwned.py HaveIBeenPwned Check HaveIBeenPwned.com for hacked e-mail addresses identified in breaches. sfp_honeypot.py Honeypot Checker Query the projecthoneypot.org database for entries. sfp_hosting.py Hosting Providers Find out if any IP addresses identified fall within known 3rd party hosting ranges, e.g. Amazon, Azure, etc. sfp_hostsfilenet.py hosts-file.net Malicious Hosts Check if a host / domain is malicious according to hosts-file.net Malicious Hosts. sfp_hunter.py Hunter.io Check for e-mail addresses and names on hunter.io. sfp_iknowwhatyoudownload.py Iknowwhatyoudownload.com Check iknowwhatyoudownload.com for IP addresses that have been using BitTorrent. sfp_instagram.py Instagram Gather information from Instagram profiles. sfp_intelx.py IntelligenceX Obtain information from IntelligenceX about identified IP addresses, domains, e-mail addresses and phone numbers. sfp_intfiles.py Interesting Files Identifies potential files of interest, e.g. office documents, zip files. sfp_ipinfo.py IPInfo.io Identifies the physical location of IP addresses identified using ipinfo.io. sfp_ipstack.py ipstack Identifies the physical location of IP addresses identified using ipstack.com. sfp_isc.py Internet Storm Center Check if an IP is malicious according to SANS ISC. sfp_junkfiles.py Junk Files Looks for old / temporary and other similar files. sfp_malwaredomainlist.py malwaredomainlist.com Check if a host / domain, IP or netblock is malicious according to malwaredomainlist.com. sfp_malwaredomains.py malwaredomains.com Check if a host / domain is malicious according to malwaredomains.com. sfp_malwarepatrol.py MalwarePatrol Searches malwarepatrol.net’s database of malicious URLs / IPs. sfp_metadefender.py MetaDefender Search MetaDefender API for IP address and domain IP reputation. sfp_mnemonic.py Mnemonic PassiveDNS Obtain Passive DNS information from PassiveDNS.mnemonic.no. sfp_multiproxy.py multiproxy.org Open Proxies Check if an IP is an open proxy according to multiproxy.org ‘open proxy list. sfp_myspace.py MySpace Gather username and location from MySpace.com profiles. sfp_names.py Name Extractor Attempt to identify human names in fetched content. sfp_neutrinoapi.py NeutrinoAPI Search NeutrinoAPI for IP address info and check IP reputation. sfp_norton.py Norton ConnectSafe Check if a host would be blocked by Norton ConnectSafe DNS sfp_nothink.py Nothink.org Check if a host / domain, netblock or IP is malicious according to Nothink.org. sfp_numpi.py numpi Lookup USA / Canada phone number location and carrier information from numpi.com. sfp_numverify.py numverify Lookup phone number location and carrier information from numverify.com. sfp_onioncity.py Onion.link Search Tor ‘Onion City’ search engine for mentions of the target domain. sfp_onionsearchengine.py Onionsearchengine.com Search Tor onionsearchengine.com for mentions of the target domain. sfp_openbugbounty.py Open Bug Bounty Check external vulnerability scanning / reporting service openbugbounty.org to see if the target is listed. sfp_opencorporates.py OpenCorporates Look up company information from OpenCorporates. sfp_opendns.py OpenDNS Check if a host would be blocked by OpenDNS DNS sfp_openphish.py OpenPhish Check if a host / domain is malicious according to OpenPhish.com. sfp_openstreetmap.py OpenStreetMap Retrieves latitude / longitude coordinates for physical addresses from OpenStreetMap API. sfp_pageinfo.py Page Info Obtain information about web pages (do they take passwords, do they contain forms, etc.) sfp_pastebin.py PasteBin PasteBin scraping (via Google) to identify related content. sfp_pgp.py PGP Key Look-up Look up e-mail addresses in PGP public key servers. sfp_phishtank.py PhishTank Check if a host / domain is malicious according to PhishTank. sfp_phone.py Phone Numbers Identify phone numbers in scraped webpages. sfp_portscan_tcp.py Port Scanner – TCP Scans for commonly open TCP ports on Internet-facing systems. sfp_psbdmp.py Psbdmp.com Check psbdmp.cc (PasteBin Dump) for potentially hacked e-mails and domains. sfp_pulsedive.py Pulsedive Obtain information from Pulsedive’s API. sfp_quad9.py Quad9 Check if a host would be blocked by Quad9 sfp_ripe.py RIPE Queries the RIPE registry (includes ARIN data) to identify netblocks and other info. sfp_riskiq.py RiskIQ Obtain information from RiskIQ’s (formerly PassiveTotal) Passive DNS and Passive SSL databases. sfp_robtex.py Robtex Search Robtex.com for hosts sharing the same IP. sfp_s3bucket.py Amazon S3 Bucket Finder Search for potential Amazon S3 buckets associated with the target and attempt to list their contents. sfp_scylla.py Scylla Gather breach data from Scylla API. sfp_securitytrails.py SecurityTrails Obtain Passive DNS and other information from SecurityTrails sfp_shodan.py SHODAN Obtain information from SHODAN about identified IP addresses. sfp_similar.py Similar Domains Search various sources to identify similar looking domain names, for instance squatted domains. sfp_skymem.py Skymem Look up e-mail addresses on Skymem. sfp_slideshare.py SlideShare Gather name and location from SlideShare profiles. sfp_socialprofiles.py Social Media Profiles Tries to discover the social media profiles for human names identified. sfp_social.py Social Networks Identify presence on social media networks such as LinkedIn, Twitter and others. sfp_sorbs.py SORBS Query the SORBS database for open relays, open proxies, vulnerable servers, etc. sfp_spamcop.py SpamCop Query various spamcop databases for open relays, open proxies, vulnerable servers, etc. sfp_spamhaus.py Spamhaus Query the Spamhaus databases for open relays, open proxies, vulnerable servers, etc. sfp_spider.py Spider Spidering of web-pages to extract content for searching. sfp_spyonweb.py SpyOnWeb Search SpyOnWeb for hosts sharing the same IP address, Google Analytics code, or Google Adsense code. sfp_sslcert.py SSL Certificates Gather information about SSL certificates used by the target’s HTTPS sites. sfp_ssltools.py SSL Tools Gather information about SSL certificates from SSLTools.com. sfp__stor_db.py Storage Stores scan results into the back-end SpiderFoot database. You will need this. sfp__stor_stdout.py Command-line output Dumps output to standard out. Used for when a SpiderFoot scan is run via the command-line. sfp_strangeheaders.py Strange Headers Obtain non-standard HTTP headers returned by web servers. sfp_talosintel.py Talos Intelligence Check if a netblock or IP is malicious according to talosintelligence.com. sfp_threatcrowd.py ThreatCrowd Obtain information from ThreatCrowd about identified IP addresses, domains and e-mail addresses. sfp_threatexpert.py ThreatExpert.com Check if a host / domain or IP is malicious according to ThreatExpert.com. sfp_threatminer.py ThreatMiner Obtain information from ThreatMiner’s database for passive DNS and threat intelligence. sfp_tldsearch.py ​​ TLD Search Search all Internet TLDs for domains with the same name as the target (this can be very slow.) sfp_tool_cmseek.py Tool – CMSeeK Identify what Content Management System (CMS) might be used. sfp_tool_dnstwist.py Tool – DNSTwist Identify bit-squatting, typo and other similar domains to the target using a local DNSTwist installation. sfp_tool_whatweb.py Tool – WhatWeb Identify what software is in use on the specified website. sfp_torch.py ​​ TORCH Search Tor ‘TORCH’ search engine for mentions of the target domain. sfp_torexits.py TOR Exit Nodes Check if an IP or netblock appears on the torproject.org exit node list. sfp_totalhash.py TotalHash.com Check if a host / domain or IP is malicious according to TotalHash.com. sfp_twitter.py Twitter Gather name and location from Twitter profiles. sfp_uceprotect.py UCEPROTECT Query the UCEPROTECT databases for open relays, open proxies, vulnerable servers, etc. sfp_urlscan.py URLScan.io Search URLScan.io cache for domain information. sfp_venmo.py Venmo Gather user information from Venmo API. sfp_viewdns.py ViewDNS.info Reverse Whois lookups using ViewDNS.info. sfp_virustotal.py VirusTotal Obtain information from VirusTotal about identified IP addresses. sfp_voipbl.py VoIPBL OpenPBX IPs Check if an IP or netblock is an open PBX according to VoIPBL OpenPBX IPs. sfp_vxvault.py VXVault.net Check if a domain or IP is malicious according to VXVault.net. sfp_watchguard.py Watchguard Check if an IP is malicious according to Watchguard’s reputationauthority.org. sfp_webanalytics.py Web Analytics Identify web analytics IDs in scraped webpages and DNS TXT records. sfp_webframework.py Web Framework Identify the usage of popular web frameworks like jQuery, YUI and others. sfp_webserver.py Web Server Obtain web server banners to identify versions of web servers being used. sfp_whatcms.py WhatCMS Check web technology using WhatCMS.org API. sfp_whoisology.py Whoisology Reverse Whois lookups using Whoisology.com. sfp_whois.py Whois Perform a WHOIS look-up on domain names and owned netblocks. sfp_whoxy.py Whoxy Reverse Whois lookups using Whoxy.com. sfp_wigle.py Wigle.net Query wigle.net to identify nearby WiFi access points. sfp_wikileaks.py Wikileaks Search Wikileaks for mentions of domain names and e-mail addresses. sfp_wikipediaedits.py Wikipedia Edits Identify edits to Wikipedia articles made from a given IP address or username. sfp_xforce.py XForce Exchange Obtain information from IBM X-Force Exchange sfp_yandexdns.py Yandex DNS Check if a host would be blocked by Yandex DNS sfp_zoneh.py Zone-H Defacement Check Check if a hostname / domain appears on the zone-h.org ‘special defacements’ RSS feed.