Docs and source notes
SpiderFoot World source map
This page explains what the planner covers, what it does not do, and how source facts are separated from conversion paths.
| Page | Primary intent | Next action | Source evidence |
|---|---|---|---|
| Homepage | SpiderFoot OSINT planning workspace and product entity | /pricing/ | Upstream README, LICENSE, modules, correlations, and Docker files |
| OSINT automation | Targets, modules, API key requirements, evidence outputs, and analyst review | /pricing/ | README feature list and modules table |
| Attack surface | Domain, subdomain, IP, ASN, cloud bucket, open-port, and exposure planning | /pricing/ | README target list and module examples |
| Threat intelligence | Indicator enrichment, blacklist checks, breach checks, and handoff | /pricing/ | README integrations and threat intelligence modules |
| Self-host | Python 3.7+, Docker, SQLite, TOR, exports, updates, and operations | /pricing/ | README install commands, Docker files, requirements, and VERSION |
| Modules | Module selection, API key planning, export path, and scan profile design | /pricing/ | Local clone module inventory and README module list |
| Keyword evidence | Strong-relevance keyword candidates, MiroFish proof status, and unique landing pages | /pricing/ | Skill keyword rules and local keyword matrix |
Keyword rule: see /keyword-evidence/ for the traffic keyword matrix. Terms are not called validated traffic keywords until same-request MiroFish Trends proof or official Trends CSV evidence exists.
Source boundary: official site spiderfoot.net, official docs spiderfoot.net/documentation, and GitHub repo github.com/smicallef/spiderfoot are treated as evidence. They are not checkout, demo, signup, or primary CTA destinations on this site.
Facts JSON: /.well-known/spiderfoot-world.json exposes the independent relationship, upstream facts, and planner capability names for AI and search systems.