Social Mapper is a new open source intelligence tool that uses facial recognition to correlate social media profiles. The tool has been developed by Trustwave, a company that provides ethical hacking services. Apparently, the tool has already been tested in several penetration tests and red teaming engagements.
Social Mapper “takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a person’s presence, outputting the results into a report that a human operator can quickly review”.
What Social Platforms Does Social Mapper Support?
Who Can Use Social Mapper?
The tool is primarily designed for pentesters and red teamers to use it to expand their target lists to counter social media phishing scenarios.
(Red Teaming is a full-scope, multi-layered attack simulation that measures how well a company’s people and networks, applications and physical security controls can withstand an attack from a real-life adversary).
Social Mapper comes in handy because it makes it possible to automate search scans and perform them faster and on a mass scale at once.
“Performing intelligence gathering online is a time-consuming process, it typically starts by attempting to find a person’s online presence on a variety of social media sites,” Trustwave says.
How Does Social Mapper Work?
Shortly said, the tool goes through three main stages. The first stage is where Social Mapper creates the target list which contains names and pictures, based on the particular data input. The data input can be in a CSV file, images in a folder or via people registered to a company on LinkedIn.
The second stage is where the target data is processed and the tool automatically initiates searches on social media platforms online.
It does this by instrumenting the Firefox browser, logging into the afore mentioned supported social media sites and begins searching for targets by name. It pulls out the top results from this search (usually between 10 and 20) and starts downloading the profile pictures and performing facial recognition checks to try and find a match.
According to the researchers’ recommendations, it is best to run the tool overnight with a stable internet connection. Users of the tool should keep in mind that this stage can take a long time to run. For target lists of 1000 people it can take more than 15 hours, where a large amount of bandwidth is used, depending on the selected options.
The last stage consists of generating reports:
Social Mapper has a variety of output; it generates a csv file with links to the profile pages of the target list and a more visual HTML report that can be handy for quickly checking and verifying the results.
Social Mapper also has the option to generate lists for each site checked with a person’s name, potential work email based on a provided format and the link to their profile, Trustwave explains.
How do you feel about such a tool? Do you think it can be leveraged by black hat hackers?