# OSINT Framework

## OSINT Framework

### Spiderfoot

**SpiderFoot** is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.

SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It's written in **Python 3** and **GPL-licensed**.

#### Installation

{% embed url="<https://github.com/smicallef/spiderfoot#installing--running>" %}

```
wget https://github.com/smicallef/spiderfoot/archive/v3.4.tar.gz
tar zxvf v3.4.tar.gz
cd spiderfoot-3.4
pip3 install -r requirements.txt
python3 ./sf.py -l 127.0.0.1:5001
```

#### Running a scan

We run a scan against our target: breachdefs.com

![How to run a scan with SpiderFoot](https://3042479842-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mg9lbsm9-YvGLXNeKT0%2F-MjjDllcfjeM7bTnTVFt%2F-Mk2cPLO7nQjnAz1-Xgt%2Fimage.png?alt=media\&token=378545e7-1af4-41eb-ba83-f15483384d5c)

#### Results

Once finish we can visualize our results as a graph.

![Graph results of the scan](https://3042479842-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mg9lbsm9-YvGLXNeKT0%2F-MjjDllcfjeM7bTnTVFt%2F-Mk2_eUIwwzyoQizPRko%2Fimage.png?alt=media\&token=d4fe9fc4-d113-4f28-8e82-5a78b24b534a)

From it we can see that:

* there is an exchange server running on 192.168.42.11
* a webserver at <https://www.breachdefs.com>
* we also get an email: <david_lightman@breachdefs.com>

### Amass

The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.

#### Installation

{% embed url="<https://github.com/OWASP/Amass#installation---->" %}

```
apt install amass
```

#### Running a scan

```
amass enum -d breachdefs.com
```

#### Results

Once finish we get two subdomains: [www.breachdefs.com](http://www.breachdefs.com) and owa.breachdefs.com

![Amass results](https://3042479842-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mg9lbsm9-YvGLXNeKT0%2F-Mk2mHE-bCYaamOPgaJc%2F-Mk2odX44dzBzaCaL4oj%2Fimage.png?alt=media\&token=96a8cbdf-50fa-4723-a43a-b01277cb2fd3)