OnionScan vs SpiderFoot
GitHub Stats
About OnionScan
OnionScan is a tool for investigating dark web hidden services (.onion sites) for operational security weaknesses. It identifies information leaks that could deanonymize hidden service operators, including exposed server status pages, analytics tracking codes, EXIF metadata in images, SSH fingerprints, email addresses, Bitcoin addresses, leaked IP addresses in headers, and linked clearnet infrastructure. OnionScan correlates findings across multiple hidden services to identify common operators. It is used by researchers and law enforcement to investigate dark web infrastructure and by operators to audit their own hidden services for OPSEC failures.
About SpiderFoot
SpiderFoot automates OSINT collection so you can focus on analysis. With over 200 modules, it queries dozens of data sources to gather intelligence on IP addresses, domain names, email addresses, names, and more. SpiderFoot includes a web-based UI for scan management and result visualization, making it accessible for analysts who prefer a graphical interface. It can also be run from the command line for automation and integration into existing workflows.
Platform Support
Tags
OnionScan only
SpiderFoot only