SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a wide range of information about a target, such as web servers, netblocks, e-mail addresses and more. SpiderFoot’s simple web-based interface enables you to kick off a scan immediately after install – just give your scan a name, the domain name of your target and select which modules to enable.

SpiderFoot is an open source footprinting tool designed to be easy to use, fast and extensible

The main objective of SpiderFoot is to automate this process to the greatest extent possible, freeing up a penetration tester’s time to focus their efforts on the security testing itself.

  • Start with a target of more than just domains (Hostnames, IPs, Netblocks, etc.)
  • Clean-up back-end data model to be more flexible
  • Simultaneous scans
  • More threading for faster performance
  • Search/Filtering
  • Bunch of bug fixes



the process of understanding as much as possible about a given target in order to perform a more complete security penetration test. Particularly for large networks, this can be a daunting task.




SpiderFoot is designed from the ground-up to be modular. This means you can easily add your own modules that consume data from other modules to perform whatever task you desire. As a simple example, you could create a module that automatically attempts to brute-force usernames and passwords any time a password-handling webpage is identified by the spidering module.

Installing and Running on Unix

SpiderFoot is written in Python (2.6-2.7), so to run on Linux/Solaris/etc. you need Python 2.6 or 2.7 installed, in addition to the netaddr, lxml, M2Crypto, CherryPy and Mako modules.

To install the dependencies using PIP:

$ pip install lxml netaddr M2Crypto cherrypy mako

SpiderFoot was developed against lxml 3.3.5, netaddr 0.7.10, M2Crypto 0.20.2, CherryPy 3.2.2 and Mako 0.7.2.

DNSPython is also a dependency but is included in the package under the dns directory, so does not need to be installed.

Depending on your Linux build, you may also need SWIG installed. If your Linux distribution supports APT, you can install it with:

$ sudo apt-get install swig

All other module dependencies, such as SQLite3, are included with Python, so nothing further should be needed.

To run SpiderFoot, simply execute from the directory you extracted SpiderFoot into:

$ python ./

Once executed, a web-server will be started, which by default will listen on You can then use the web-browser of your choice by browsing to

If you wish to make SpiderFoot accessible from another system, for example running it on a server and controlling it remotely, then you can specify an external IP for SpiderFoot to bind to, or use so that it binds to all addresses, including

$ python ./

If port 5001 is used by another application on your system, you can change the port:

$ python ./

spiderfoot wikiA word of CAUTION:

SpiderFoot does not authenticate users connecting to it’s user-interface (feature coming soon..), so avoid running it on a server/workstation that can be accessed from untrusted devices, as they will be able to control SpiderFoot remotely and initiate scans from your devices.

Source && Download

spiderfoot download

Visitors Rating
Rate Here
Ease Of Use
Overall Rating
Visitors Rating
3 ratings
You have rated this
What's your reaction?

You must log in to post a comment