Scribd
Upload
31 views4 pages

IP Geolocation Using Spiderfoot Tool

The document outlines Experiment No. 9, which aims to determine the geolocation of IP addresses using the Spiderfoot tool. It explains the theory behind IP geolocation, its common use cases, and provides a step-by-step procedure for installing and using Spiderfoot to gather geolocation data. The experiment highlights the importance of this process for cybersecurity, threat intelligence, and digital marketing.

Uploaded by

Atharva Deore
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
31 views4 pages

IP Geolocation Using Spiderfoot Tool

The document outlines Experiment No. 9, which aims to determine the geolocation of IP addresses using the Spiderfoot tool. It explains the theory behind IP geolocation, its common use cases, and provides a step-by-step procedure for installing and using Spiderfoot to gather geolocation data. The experiment highlights the importance of this process for cybersecurity, threat intelligence, and digital marketing.

Uploaded by

Atharva Deore
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Experiment No.

Aim: Determine the geolocation (country, city, or approximate location) of each IP address. One
can use online IP geolocation tools, databases, and various techniques to gather information and
accurately identify the physical location associated with each IP.
Tool used: Spiderfoot

Theory:

What is IP Geolocation?

IP Geolocation is the process of mapping an IP address to a physical location in the world. It


helps identify the geographic region, city, ISP, and organization associated with an IP.

Common use cases include:

●​ Network security and fraud detection


●​ Digital marketing and analytics
●​ Law enforcement and cybercrime investigations​

Spiderfoot Overview:

Spiderfoot is an open-source OSINT automation tool that helps in scanning and gathering
information about IPs, domains, emails, usernames, and more. It integrates with over 100 data
sources (e.g., Shodan, Whois, MaxMind GeoIP, etc.) to extract:

●​ Geolocation data
●​ Network infrastructure
●​ Ownership details
●​ Historical footprint

Spiderfoot can be used via a web GUI or CLI.

Tools and Requirements:

●​ Spiderfoot (Install via pip or Docker)


●​ Internet connection for accessing OSINT data sources
●​ IP addresses for testing (e.g., [Link], [Link], etc.)
Procedure:

Step 1: Install Spiderfoot


git clone [Link]
cd spiderfoot
pip install -r [Link]
python3 [Link] -l [Link]:5001

Step 2: Access Spiderfoot Web UI


Navigate to [Link]
●​ Create a new scan.
●​ Set scan target as an IP address.
●​ Enable modules such as:
○​ IP_GEOLOCATION
○​ WHOIS
○​ SHODAN​

Step 3: Run the Scan

●​ Click "Start Scan".


●​ Monitor the scan status and wait for completion.​

Step 4: Analyze the Results

●​ View geolocation details: country, city, ISP


●​ Check infrastructure and ownership info
●​ Export the report in HTML, CSV, or JSON format​

Example Result:

For target IP [Link]:


Conclusion:

This experiment demonstrated how to determine the geolocation of an IP address using OSINT
tools like Spiderfoot. By automating multiple information sources, Spiderfoot helps identify
where an IP is located and what entity owns it. This is valuable for threat intelligence,
cybersecurity investigations, and geofencing strategies.

You might also like