This lab walks through some simple steps required to get the OSINT tool Spiderfoot up and running on a Kali Linux using Docker.
Spiderfoot is an application that enables you as a pentester/red teamer to collect intelligence about a given subject - email address, username, domain or IP address that may help you in planning and advancing your attacks against them.
Download the Spiderfoot linux package from https://www.spiderfoot.net/download/ and extract it to a location of your choice on your file system.
I extracted it to /root/Downloads/spiderfoot-2.12.0-src/spiderfoot-2.12
and made it my working directory:
You may need to upgrade the pip before it starts giving you trouble:
pip install --upgrade pip
Build Docker Image
Build the spiderfoot docker image :
docker build -t spiderfoot .
Check if the image got created successfully:
You should see the spiderfoot image creted seconds ago:
Run the Spiderfoot Docker
docker run -p 5009:5001-d spiderfoot
The above will run previously created spiderfoot image in the background and expose a TCP port 5009 on the host computer. Any traffic sent to host:5009 will be forwarded to the port 5001 on the docker where spiderfoot is running and listening.
To check if the docker image is running, we can do:
The below confirms the docker is indeed running the spiderfoot image and is listening on port 5001:
Below confirms that the host machine has now exposed the TCP port 5009 (which forwards traffic to the docker's port 5001):
Navigate to your host:5009 to access the spiderfoot UI and start a new scan:
During the scan, we can start observing various pieces of data being returned from the internet:
Drilling down to one of the above categories - DNS records: