What APIs do you recommend?

Probably the most common question we receive from users is what API keys they should subscribe to / purchase for getting the most value out of SpiderFoot and OSINT in general.

We’ll open this up to the community for their opinions, since we remain impartial on the use of APIs.

Begin with the free sites such as Censys and then Alien Vault OTX .
So you have IPs, websites and Certificates or hashes.
Urlscan is a brilliant resource to view a great deal and you will have a face so to speak and also many connections and modus operandi via content and dom links etc. Virus total i believe is still available and HIBP and Hunter io also offer free service all of these do to the best of my knowledge., Pulsedive,risk IQ and thats a good start.

Depending on the use case, but I prefer the following API’s as a good startup:

Internet Crawlers:
Shodan
Censys

Leaked content:
Pastebin (google API)
HaveIBeenPowned

Domain info gathering:
recon.dev
securitytrails

Offcourse based on Spiderfoot HX where there is a good base of modules out-of-the-box configured/working.

Based on above API’s when finished a scan you have a good base to do some more detailed investigation where based on the use case other API’s will come in handy.