Researchers at information security company Trustwave have developed an open-source facial recognition tool designed to gather general intelligence at a faster rate.
The software dubbed Social Mapper is capable of locating profiles of black hat hackers who contemplate attacks on secure networks aiming to destroy, modify, or steal data.
The tool intended for penetration testers and red teamers is available to everyone for free on GitHub.
Though such searches can be performed manually, the automated process using Social Mapper can be performed much faster on a large scale. Still the process takes no less than 15 hours for a searching details of 1,000 people.
How it works
The Social Mapper first prepares a list of targeted people for processing on the basis of the requirement. The tool now searches social media sites online to match the right profile which takes a significant bandwidth use. The system performs automated scans on numerous social media networks like Facebook, Instagram, Google+, Twitter, LinkedIn, the Russian social networking site VKontakte, and Chinese platfoms Weibo and Douban.
Then the tool generates reports in the form of spreadsheets which include profile details like photos, emails. This vital information could help an organisation to fix security vulnerabilities and social engineering attacks.
Since the search process based on their names and pictures takes a long time, the Trustwave team suggest running the program overnight.
Since the Social Mapper is licensed as an open-coded software designed for security researchers or white hat hackers it could be used by unethical people to customise software tools for their malware attacks or phishing campaigns.