The first step of an attack is reconnaissance. There are about 4,058,384,1938,489,104 tools out there to do some sort of recon. One of the important parts of recon is that you don’t do anything that could be labeled as malicious by your target. Ideally, it would be entirely passive and the target won’t know anything is going on. We can get more into hacker methodology another time.
Automation is probably my favorite thing in the world. SpiderFoot brings that to the table while doing recon. It’s very simple to install and use on any platform. They have some awesome documentation available on their site to walk you through the entire process. Once it’s installed and running you access it through the simple web server it starts.
We need to put in a few API keys before we kick a scan off. As it explains in the API Keys Section, we need keys for Honeypot Checker, SHODAN, and VirusTotal. These tools are pretty useful so I strongly suggest getting the keys.
Now that we have a full arsenal of tools at our disposal, we can scan. Click “New Scan” in your SpiderFoot web console. Name your scan, input your target, then Select All modules. This is going to take a long time to run but you can totally fire and forget. It took me a few days for this to finish from a Raspberry Pi on my last pentest. Don’t think it’s a 20 minute job.
Once it is done, you’ll find a LOT of information. It probably won’t all be useful to you, however, if there is something out there about your target this should find it. SpiderFoot does a nice job making the data readable. There is also a clean graph showing relationships between data gathered. I wish I could go in further about how I was able to use the data. However, a magician never reveals his tricks… or something like that.
I hope you enjoy SpiderFoot as much as I do!