Security experts at Trustwave have released Social Mapper, a new open-source tool that allows finding a person of interest across social media platform using facial recognition technology.
The tool was developed to gather intelligence from social networks during penetration tests and are aimed at facilitating social engineering attacks.
Social Mapper facial recognition tool automatically searches for targets across eight social media platforms, including Facebook, Instagram, Twitter, LinkedIn, Google+, VKontakte (The Russian Facebook), and Chinese Weibo and Douban.
An individual could be searcher by providing a name and a picture, the tool allows to conduct an analysis “on a mass scale with hundreds or thousands of individuals” at once.
“Performing intelligence gathering is a time-consuming process, it typically starts by attempting to find a person’s online presence on a variety of social media sites. While this is a easy task for a few, it can become incredibly tedious when done at scale.” Trustwave states in a blog post.
“Introducing Social Mapper an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale. Trustwave, which provides ethical hacking services, has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.”
The Social Mapper search for specific profiles in three stages:
Stage 1—The tool creates a list of targets based on the input you give it. The list can be provided via links in a CSV file, images in a folder or via people registered to a company on LinkedIn.
Stage 2—Once the targets are processed, the second stage of Social Mapper kicks in that automatically starts searching social media sites for the targets online.
This stage can be time-consuming, the search could take over 15 hours for lists of 1,000 people and use a significant amount of bandwidth, for this reason, experts recommend running the tool overnight on a machine with a good internet connection.
Stage 3—The Social Mapper starts generating a variety of output, including a CSV file with links to the profile pages of the target list and a visual HTML report.
Of course, this intelligence-gathering tool could be abused by attackers to collect information to use in highly sophisticated spear- phishing campaigns.
Experts from Trustwave warn of potential abuses of Social Mapper that are limited “only by your imagination.” Attackers can use the results obtained with the tool to:
If you want to start using the tool you can find it for free on GitHub.
Trustwave researcher Jacob Wilkin will present Social Mapper at the Black Hat USA conference today.