Trustwave has launched Social Mapper, an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale.Trustwave, which provides ethical hacking services, wrote on its company blog that it has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.The firm notes that it takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a person's presence, outputting the results into a report that a human operator can quickly review.”It's primarily aimed at penetration testers and red teamers, who will use it to expand their target lists, aiding them in social media phishing scenarios. Its primary benefit comes from the automation of matching profiles and the report generation capabilities.”The company says that at a low level, Social Mapper works by running through 3 main stages. The first is target parsing, it creates a list of targets based on the input you give it. A social mapper target consists of a name and a picture of that person. These can be provided via links in a csv file, images in a folder or via people registered to a company on LinkedIn.Once the targets are processed, stage 2 of social mapper kicks in and it starts searching for these people online. It does this by instrumenting the Firefox browser, logging into the supported social media sites and begins searching for targets by name. It pulls out the top results from this search (usually between 10 and 20) and starts downloading the profile pictures and performing facial recognition checks to try and find a match. This stage of the program can take a long time to run. For target lists of 1,000 people it can take more than 15 hours and use a large amount of bandwidth, depending on which options are selected. I would recommend running the tool overnight on a machine with a good internet connection for these reasons.Once all the social media sites have been checked, stage 3 of the tool kicks in and it starts generating your reports and data. Social Mapper has a variety of output; it generates a csv file with links to the profile pages of the target list and a more visual HTML report that can be handy for quickly checking and verifying the results.
Recent Video
- New non-profit trade association of HAND will standardise global talent ID
- No cards, no phones: J.P. Morgan’s biometric revolution in payments
- Anthony Vidiano on building the future of access management
- Charisma Check wins 2025 Start-Up Pitching Competition, advancing identity verification and background checks for dating app users
- How to protect one billion Amazon customers: Lessons from continuous risk assessments
