1
00:00:00,080 --> 00:00:03,770
Another tool that I would like to show you is called Spider Foot.

2
00:00:04,400 --> 00:00:11,480
Now, Spider foot is a tool that is used to gather information about domain names, IP addresses, email

3
00:00:11,480 --> 00:00:14,180
addresses, usernames, and more.

4
00:00:14,810 --> 00:00:21,380
So it is almost all in one tool that will find information about almost anything, but from my experience,

5
00:00:21,380 --> 00:00:26,690
it does not work effectively with email addresses, phone numbers or usernames.

6
00:00:27,020 --> 00:00:32,630
So I always like to use it to find information about a certain website.

7
00:00:32,660 --> 00:00:38,510
So to install this tool, all you have to do just to open the terminal as root and then type the password.

8
00:00:38,720 --> 00:00:42,680
And then you want to type APT update to update the repositories.

9
00:00:44,300 --> 00:00:49,790
And after this you just want to type apt install spider foot like this and hit enter.

10
00:00:49,790 --> 00:00:52,190
And in my case it's already installed.

11
00:00:53,000 --> 00:00:57,200
Now to run this tool, all you have to do is just to type spider foot like this.

12
00:00:57,200 --> 00:01:04,420
And then minus L and then your local IP address which is always 127001.

13
00:01:04,420 --> 00:01:06,670
And then we are going to add a colon.

14
00:01:06,670 --> 00:01:11,290
And then I'm going to choose nine nine, nine nine as the port number.

15
00:01:11,560 --> 00:01:13,660
And then I'm going to hit enter.

16
00:01:13,660 --> 00:01:20,710
And now if you open your browser and try to visit this address you should be redirected to Spider Foot

17
00:01:20,740 --> 00:01:22,660
graphical user interface.

18
00:01:23,170 --> 00:01:27,070
So let's copy this IP address and open our browser.

19
00:01:27,550 --> 00:01:30,460
And then paste this IP address and hit enter.

20
00:01:30,460 --> 00:01:34,150
And as you can see this is the graphical user interface.

21
00:01:35,290 --> 00:01:37,990
So right now I'm going to click on New Scan.

22
00:01:37,990 --> 00:01:45,430
And we can see that we can scan a domain name hostname subnet bitcoin address, username phone number,

23
00:01:45,460 --> 00:01:47,560
email addresses and more.

24
00:01:48,160 --> 00:01:51,640
Now in my case I would like to scan Cyber Sidewalk.

25
00:01:51,640 --> 00:01:56,650
So I'm going to specify a scan name which is going to be cyber pseudo or whatever.

26
00:01:56,650 --> 00:01:59,470
And then I'm going to add the domain name.

27
00:01:59,470 --> 00:02:01,780
So I'm going to say cyber pseudo.org.

28
00:02:01,990 --> 00:02:04,320
And it has to be like this format.

29
00:02:04,320 --> 00:02:10,080
And then I would like to use the all option and then click on Run Scan now.

30
00:02:10,440 --> 00:02:12,240
And now the scan is running.

31
00:02:12,660 --> 00:02:14,580
So I'm going to click on scans.

32
00:02:14,610 --> 00:02:16,650
These are the scans that I have.

33
00:02:16,680 --> 00:02:20,820
We can see that we are searching for information about cyber student org.

34
00:02:21,750 --> 00:02:23,640
Now this is going to take a lot of time.

35
00:02:23,640 --> 00:02:26,100
So I would like to create a new scan.

36
00:02:26,190 --> 00:02:28,800
And then I would like to call it Rishi Kabra.

37
00:02:28,800 --> 00:02:32,130
And I would like to search for the username Rishi Kapoor.

38
00:02:32,160 --> 00:02:34,320
132 that we have found before.

39
00:02:34,470 --> 00:02:39,000
And as you can see, you need to enter this username in quotes.

40
00:02:39,750 --> 00:02:45,450
So I'm going to add the username within quotes and then click on Run Scan now.

41
00:02:47,370 --> 00:02:54,690
Now let me come back and create a new scan with the name Rishi Kabra number two.

42
00:02:54,720 --> 00:02:59,430
And then I would like to search for Rishi Kabra email address that we have found before, which is Rishi

43
00:02:59,460 --> 00:03:02,550
Kabra 132 at gmail.com.

44
00:03:02,730 --> 00:03:05,730
And then I'm going to click on Run Scan now.

45
00:03:06,960 --> 00:03:11,970
So let me click on scans to view all the scans that I've created.

46
00:03:12,510 --> 00:03:16,830
And we can see that the second scan for Rishi Kabra username is done.

47
00:03:16,830 --> 00:03:21,810
So I'm going to click on it and then click on username again.

48
00:03:21,810 --> 00:03:25,500
And you can see that we did not find any information.

49
00:03:25,680 --> 00:03:31,110
And this is why I always like to use the methods that I've talked about in previous sections.

50
00:03:31,770 --> 00:03:38,280
Now let me come back and see what information I were able to find about Cyber Stalk.

51
00:03:38,970 --> 00:03:42,660
And here you can see a graph of the data types that have been found.

52
00:03:42,690 --> 00:03:45,510
I always like to click on browse.

53
00:03:45,510 --> 00:03:48,120
And these are the information that have been found.

54
00:03:48,120 --> 00:03:51,900
So I can click for example on DNS records.

55
00:03:51,900 --> 00:03:55,890
And these are the txt records of cyber Swarg.

56
00:03:56,460 --> 00:03:59,160
I can come back and click on IP address.

57
00:03:59,160 --> 00:04:03,300
And these are the IP addresses that this domain name is using.

58
00:04:03,870 --> 00:04:05,840
So if you waited more than.

59
00:04:05,840 --> 00:04:07,910
You'll get much more information.

60
00:04:07,910 --> 00:04:13,070
But for now, let's come back to Rishi Kabra email address and see whether it's done or not.

61
00:04:13,070 --> 00:04:15,770
And as you can see, the scan has finished.

62
00:04:15,950 --> 00:04:18,170
So I'm going to open this one.

63
00:04:18,380 --> 00:04:20,870
And here are the information that I have found.

64
00:04:20,870 --> 00:04:23,480
So I'm going to click on the first one.

65
00:04:24,200 --> 00:04:31,370
And we can see that this is very similar to the information that you have got from email reputation.io.

66
00:04:31,670 --> 00:04:38,060
So we can see whether this email is malicious or not or whether it has been found in data leaks or not,

67
00:04:38,060 --> 00:04:42,800
and more, which is something that we have covered in the email Osint section.

68
00:04:43,640 --> 00:04:44,990
Now let me come back.

69
00:04:45,020 --> 00:04:48,800
We can see that it has been found in hacked databases.

70
00:04:48,800 --> 00:04:55,370
And these are the databases that has Rishi Kabra email address, which is information that you can find

71
00:04:55,400 --> 00:04:56,900
on haveibeenpwned.

72
00:04:57,980 --> 00:04:59,330
Now let me come back.

73
00:04:59,330 --> 00:05:01,010
We can see here raw data.

74
00:05:01,010 --> 00:05:02,300
So let me check this.

75
00:05:02,300 --> 00:05:05,270
We can see that the possible name is Rishi Kabra.

76
00:05:05,270 --> 00:05:11,140
And this is the email reputation, and we can see that this email address is associated to a Gravatar

77
00:05:11,140 --> 00:05:14,140
account, which is something that you have gathered before.

78
00:05:14,920 --> 00:05:17,320
Now let me come back and check the username.

79
00:05:17,320 --> 00:05:20,110
We can see that it might be using the username.

80
00:05:20,110 --> 00:05:26,350
Rishi Kapoor won 32 on Gravatar, and we can see the module that has been used to find this information.

81
00:05:27,100 --> 00:05:29,380
Now let me come back to my scans again.

82
00:05:29,380 --> 00:05:33,430
And now we can see that we were able to find 490 elements.

83
00:05:33,430 --> 00:05:35,890
You will get much more information if you waited.

84
00:05:35,890 --> 00:05:40,480
So let me check this again and then go to browse.

85
00:05:40,930 --> 00:05:43,480
And then I can click on co-hosted site.

86
00:05:43,480 --> 00:05:49,270
And these are the websites that are hosted on the same IP address of Cyber Sudoku.

87
00:05:49,270 --> 00:05:49,960
Org.

88
00:05:50,500 --> 00:05:56,560
I can come back and check all of these information that are going to be difficult to find otherwise.

89
00:05:57,220 --> 00:06:03,280
So as you can see, Spider Foot does a great job gathering information about websites, but it does

90
00:06:03,280 --> 00:06:07,900
not gather a lot of information about email addresses, usernames, or phone numbers.