Official Verified

fofamap

Use this skill when the user wants FOFA-based asset discovery, host profiling, distribution statistics, icon_hash generation, query refinement after zero-result searches, or cautious follow-up vulnerability triage. It is for security recon tasks that need deterministic FOFA API calls instead of an interactive CLI.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/asaotomo/fofamap

Download Source Code (.zip)

fofamap

Overview

This skill turns natural-language recon requests into a stable FOFA workflow:

pick the right FOFA operation,
detect the FOFA membership tier and capability profile,
run deterministic API calls through scripts/fofa_recon.py,
broaden the search when FOFA returns no useful data,
verify live web reachability when it matters,
track inventory drift with snapshot comparisons when the task is recurring,
export clean handoff files when the user needs deliverables,
summarize findings with clear caveats and next steps,
learn from prior runs so the next query, report, and handoff improve.

This skill is distilled from the FofaMap project, but packaged for skill use instead of an interactive application. The host agent should do the reasoning, and the helper script should do the FOFA API work. The workflow keeps the project's key tactics: action routing, permission-aware field selection, zero-result reflection, live reachability verification, export-oriented delivery, and targeted follow-up suggestions. It now also keeps a bounded local memory so the skill can reflect on failed runs, recurring friction, and strong report patterns without turning into an uncontrolled self-modifying black box.

For setup, the user only needs to provide FOFA credentials:

FOFA_EMAIL
FOFA_API_KEY

When To Use

Use this skill when the user asks for any of the following:

find exposed assets, subdomains, services, or product fingerprints with FOFA
profile a single IP or domain with FOFA host aggregation
analyze distribution data such as country, port, title, ASN, or organization rankings
run recurring asset monitoring and compare new, removed, or changed exposures
derive an icon_hash query from a target website
retry a failed FOFA search with broader, smarter fallback queries
decide whether the findings justify a separate validation step such as nuclei

Do not use this skill for:

general web scraping unrelated to FOFA
active exploitation by default
network scanning without explicit user approval
tasks that require guaranteed real-time validation beyond FOFA's indexed data

Quick Start

If credentials are not configured yet, read references/setup.md.

Required credentials for this skill:

FOFA email
FOFA API key

Core helper:

Read Full Documentation on GitHub

Metadata

Author@asaotomo

Stars4473

Updated2026-05-01

View Author Profile

AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-asaotomo-fofamap": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.

Related Skills

zipcracker

CTF-oriented ZIP cracking and recovery with the bundled ZipCracker engine. Use when Codex or OpenClaw needs to analyze or recover an encrypted ZIP in authorized contexts, including pseudo-encryption repair, default dictionary attacks, custom wordlists, mask attacks, short-plaintext CRC32 recovery, known-plaintext attacks, bkcrack workflows, template KPA, WinZip AES triage, or large-dictionary handling. Trigger on requests mentioning zip password, encrypted zip, ZIP challenge, 压缩包破解, ZIP 爆破, 伪加密, 掩码, 四位数字密码, 字典跑一下, 已知明文, 明文攻击, bkcrack, CRC32, AES ZIP, 看起来像 png/exe/pcapng/zip 模板, 这个压缩包打不开, or ClawHub/OpenClaw ZIP solving.

asaotomo 4473