CUSpider - PII Scanning Application

CUSpider Icon

About CUSpider

CUSpider is a open-source forensic file scanning program that can scan Windows desktops and laptops for Social Security Numbers (SSN) and other Personally Identifiable Information (PII). According to Columbia University Policy SSNs and other sensitive PII (as defined by the CU Data Classification Policy) should not be left unencrypted on workstation drives. You can use this tool, which is already installed on a large number of CUIT-managed staff workstations, to locate and then remediate any SSN/PII you find.

CUSpider scans your computer, produces a list of files which appear to contain PII, and provides options for you to take immediate actions for remediation, including secure deletion, and redaction.

CUSpider is a modification and repackaging of Spider2008 version 4.0.2 (Latrodectus), an open-source program PII-scanning program developed by Cornell University and Wyman Miles (see below for a list of modifications and changes), and released under the GNU General Public License v2.  

CUSpider requires a computer with at least Windows XP Service Pack 2, 256MB of RAM, and .NET 2.0 or higher installed. Certain additional features, such as DOCX redaction and PST scanning require Microsoft Office 2007 be installed. Only CUSpider v.1.3.1 (Reilly) is Windows 7 compatible.

Mac and Linux variants of CUSpider are in development, but not available yet.

Contact

All comments or support queries about CUSpider should be directed to the CUIT Infosec team at cuit-infosec@columbia.edu.

Unforunately, CUIT Information Security can only guarantee support for CUIT Managed computers running approved versions of CUSpider linked on this page.

However, even if you do not fall into that category, please contact us anyway, and we may be find a way to help you out anyway

Download CUSpider

  • CUSpider v.1.3.1 (Reilly) (11.9MB)
    • MD5 Checksum: 2152E43126411457C700B60FA3D3BE49

  • UserGuide to CUSpider v.1.3.1 (Reilly)

  • CUSpider v.1.3.1 (Reilly) Source Code (93.5MB)
    • MD5 Checksum: A6616A25DA21832F74886D39D5A4DB90
  • Note About Upgrading from Parker (v.1.0.2)
    • Due to a number of fundamental changes in the way CUSpider handles settings and data, upgrading from v.1.0.2 to v.1.3.1 is not a straightforward process.
       
      • The installer for v.1.3.1 will NOT run if v.1.0.2 is installed on the system. You will have to UNINSTALL v.1.0.2 before upgrading to Reilly.
         
      • Additionally, if you have state files from v.1.0.2 that you wish to continue accessing after the upgrade, make sure to backup the entropy file as well as the state files themselves.
        ​​​​​​​
  • CUSpider v.1.4 Release Candidate (12.7MB)
    • MD5 Checksum: 4A00FF32527A310A4844C285283DFE97
  • This is a beta/release candidate. Please report any bugs, comments, questions to cuit-infosec@columbia.edu, or even notes about how it's worked out for you.

Other Helpful Guides for CUSpider

Refer to our Tips on Remediation for guidance on how to handle any PII that come up in your CUSpider scans.

Learn about Spider State Files, keyfiles, and modifying CUSpider's configuration in CUSpider v.1.0.1 and v.1.3.1 with our Advanced Guides.