Immediately, researchers at Trustwave launched a brand new open-source tool referred to as Social Mapper, which makes use of facial recognition to trace topics across social media networks. Designed for safety researchers performing social engineering assaults, the system mechanically locates profiles on Fb, Instagram, Twitter, LinkedIn, and different networks primarily based on a reputation and film.
These searches can already be carried out manually, however the automated course of means it may be carried out far sooner and for many individuals directly. “Performing intelligence gathering on-line is a time-consuming course of,” TrustWave defined in a publish this morning. “What if it may very well be automated and finished on a mass scale with tons of or 1000’s of people?”
Social Mapper doesn’t require API entry to social networks, a restriction that has hampered social media monitoring instruments like Geofeedia. As an alternative, the system performs automated guide searches in an instrumented browser window, then makes use of facial recognition to scan by the primary ten to twenty outcomes for a match. The guide searches imply the tool might be fairly sluggish in comparison with API-based scans. The developer estimates that looking out a goal checklist of 1000 individuals may take greater than 15 hours.
The tip result’s a spreadsheet of confirmed accounts for every title, excellent for focused phishing campaigns or basic intelligence gathering. Trustwave’s emphasis is on moral hacking — utilizing phishing strategies to spotlight vulnerabilities that may then be mounted — however there are few restrictions on who can use this system. Social Mapper is licensed as free software program, and freely obtainable on GitHub.