Why is my username scan target getting treated as an Internet Name?

Some feedback we’ve seen from users is along the lines of “When searching for a username, I’m getting strange results.”

SpiderFoot attempts to make entering targets for your scan as easy as possible, and tries to achieve this by pattern matching your targets to determine their type. For most targets, this is easy since an IP address has a unique format, as does a subnet or host name. It gets a little more complicated for others though, so it’s important to heed this guidance available in the user interface.

For usernames specifically, we see common mistakes:

  • Using just the username without quotes, e.g. someuser (bad) instead of "someuser" (good). If the user contains a . and is missing quotes, then you’ll see SpiderFoot treat it as an Internet Name because it will look like a host name.
  • Prefixing the username with an @, e.g. "@someuser" (bad) instead of "someuser" (good)
  • Providing the URL of a social media presence, e.g. https://twitter.com/someuser (bad) instead of "someuser" (good). There is currently no way in SpiderFoot to direct scanning to a single URL or social media site.

Always ensure that for usernames, you specify the target with quotes and no additional symbols (unless they are part of the username).