SpiderFoot 2.7.0 is now available, with more modules, added functionality and bug fixes since 2.5.0 was last announced on this list. SpiderFoot is an open source intelligence gathering / reconnaissance tool utilising over *50* data sources and methods, all driven through a snappy web UI.
Here's what's new since 2.5.0..
- *6* new modules:
- BotScout.com search for malicious e-mail addresses
- MalwarePatrol.net search
- IBM X-Force Threat Exchange search
- Amazon S3 bucket search
- Phone number identification
- Public vulnerability search (PunkSpider and XSSposed)
- Authentication and HTTPS support
- Scan by use case: e.g. use "Passive" for gathering info without touching the target
- SpamCop, bitcash.cz, VXVault, VOIPBL and more added as malicious data sources
- Pastie and Notepad.cc added as data paste sources
- Data can be flagged as false positive in the UI (with trickle-down effect)
- Bunch of bug fixes and minor enhancements
- User manual updated: http://www.spiderfoot.net/docu
Feel free to mail me any questions, enhancement requests or general feedback.
-
Website incl. screenshots and docs: http://www.spiderfoot.net
GitHub: https://github.com/smicallef/s
Twitter: https://twitter.com/binarypool
Thanks,
Steve
------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
Komentarų nėra:
Rašyti komentarą