This brief tutorials shows students and new users how to install SpiderFoot on Ubuntu 20.04 | 18.04.
SpiderFoot is an open source vulnerability tool for threat intelligence, asset discovery, attack surface monitoring or security assessments.
SpiderFoot comes in two flavors: The open source version and SpiderFoot HX for professionals looking for lot more features that are not available in the open source version.
With the open source version, most of the modules from SpiderFoot HX are available, but the ability to navigate, visualize, monitor and investigate is not available. You’ll be able to export the data from SpiderFoot in CSV, JSON or GEXF and work with the data in other tools.
For more about SpiderFoot, visit its homepage.
To get started with installing SpiderFoot on Ubuntu, follow the steps below:
Install Python
SpiderFoot is written in Python and required it to be install on the host machine. To get Python on Ubuntu, run the commands below:
sudo apt update sudo apt install python3 python3-pip
After the above packages are installed, go and download SpiderFoot package.
Install SpiderFoot
Run the commands below to download SpiderFoot version 3.3 from github.
cd ~ wget
This will download in your home directory. Once downloaded, run the commands below to extract the downloaded archived.
The next commands change into the extracted folder and install all requirements to run SpiderFoot.
tar -xvzf v3.3.tar.gz cd spiderfoot-3.3 pip3 install -r requirements.txt
After running the commands above, SpiderFoot should be installed and ready to use.
SpiderFoot is shipped with a help file that contains options that can be used with the command. To invoke the help file, run the commands below:
python3 sf.py --help
Output of the help command option.
sage: sf.py [-h] [-d] [-l IP:port] [-m mod1,mod2,.] [-M] [-s TARGET] [-t type1,type2,.] [-T] [-o tab|csv|json] [-H] [-n] [-r] [-S LENGTH] [-D DELIMITER] [-f] [-F type1,type2,.] [-x] [-q] SpiderFoot 3.3: Open Source Intelligence Automation. optional arguments: -h, --help show this help message and exit -d, --debug Enable debug output. -l IP:port IP and port to listen on. -m mod1,mod2,. Modules to enable. -M, --modules List available modules. -s TARGET Target for the scan. -t type1,type2,. Event types to collect (modules selected automatically). -T, --types List available event types. -o tab|csv|json Output format. Tab is default. If using json, -q is enfor
SpiderFoot also has a web interface. Run the commands below initial the web UI.
python3 sf.py -l localhost:5001
Output of the commands above:
2021-03-31 14:32:59,545 [INFO] Starting web server at localhost:5001 . 2021-03-31 14:32:59,582 [WARNING] ******************************************************************** Warning: passwd file contains no passwords. Authentication disabled. Please consider adding authentication to protect this instance! Refer to ******************************************************************** ************************************************************* Use SpiderFoot by starting your web browser of choice and browse to ************************************************************* 2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGTERM. 2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGHUP. 2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGUSR1. 2021-03-31 14:32:59,676 [INFO] [31/Mar/2021:14:32:59] ENGINE Bus STARTING
Now open your browser and browse to the server hostname or IP address followed by port 5001.
![](https://tolearn.biz/wp-content/uploads/spiderfoot-ubuntu-install-1024x879.webp.webp)
By default, SpiderFoot can be accessed without authentication. If you wish to include username and password, you run the commands below to add your username and password into the password file.
echo "admin:StrongPasswordHere" > passwd
That should allow you to authenticate with username admin and password you type above.
That should do it!
Conclusion:
This post showed you how to install SpiderFoot open source version on Ubuntu 20.04 | 18.04. If you find any error above, please use the comment form below to report.