Previously, we have talked about how to find social media by usernames using userrecon. But using that process we can't do a mass scan. But using Social Mapper we can don mass scan. Not only that the main function is we can find someone with the photo only. Yes, Social Mapper uses facial recognition to perform scan. Let's use the Social Mapper tool in our Kali Linux machine.
Social Mapper is a Python based open-source intelligence tool that correlates social media profiles via facial recognition.
Social Mapper collects data from many popular social media like
This tool uses names and photos as input to scan social media profiles of the people on mass scan.
Social Mapper is aimed at penetration testers and red teams, they can use it to expand their target lists and find social media profiles. Social Mapper is created by Jacob Wilkin. Jacob presents this tool on Black Hat USA 2018 and DEFCON 16 security conference.
Now we set up Social Mapper in our Kali Linux system. First we need to configure our system for Social Mapper. We need to install Gecodriver in /usr/bin. We can download Geckodriver's latest version for our Kali Linux 64 bit system from https://github.com/mozilla/geckodriver/releases
After download it in our Downloads folder, we need to extract Geckodriver files, To do that we open our terminal and we go to Downloads directory by using following command:
Then we type following command to extract the tar.gz compressed file:
Here x.xx.x is referring the downloaded version of Geckodriver. See the following screenshot:
Now we copy the Geckodriver folder to /usr/bin using following command:
Geckodriver is copied, now we need to install some prerequisites to run Social Mapper. To do that we use following command:
The download and installation will depend on our internet speed and system performance.
The screenshot is following:
Now we go back to our root folder by using
Then we clone Social Mapper from it's GitHub repository by applying following command:
The screenshot is following:
Then we need to install some python modules from Social Mapper's requirements we do this using following command:
The screenshot is following:
Now we are almost able to run Social Mapper. Then we go back to Social Mapper's directory using following command :
We can check the help option by using
The help menu is following:
Social Mapper requires one account of social media to search across social media platforms, like if we want to search a photo on Facebook and Twitter we need to give our Facebook and Twitters username and password. Here for our safety we shouldn't give our own social media account's credentials. We should open fake account on social media to safer use of Social Mapper.
We can add our username and password in social_mapper.py file. To do we open the file in any text editor (we are using leafpad here).
The screenshot of the command is following:
Then we need to scroll down and stop here as following screenshot:
Here we need to provide our username and password. Then we just save and close the text editor.
Then we open the Social Mapper folder in file manager and navigate to
Input-Examples > imagefolder as shown below
Here we can see some examples. We can add target's photo in this folder to perform a scan. Here we have added.
Then we type following command to perform a fast scan on Facebook:
The screenshot is following:
Here we can see the links of the profiles matched and also the results are saved in a csv and html file. We can open the html file in firefox web browser.
Here can come some fake profile of our target because we have used fast scan, to perform a accurate scan on Facebook and Twitter both we use following command:
Social Mapper is a Python based open-source intelligence tool that correlates social media profiles via facial recognition.
Social Mapper collects data from many popular social media like
- Linkedln
- Google plus
- VKontakte
This tool uses names and photos as input to scan social media profiles of the people on mass scan.
Social Mapper is aimed at penetration testers and red teams, they can use it to expand their target lists and find social media profiles. Social Mapper is created by Jacob Wilkin. Jacob presents this tool on Black Hat USA 2018 and DEFCON 16 security conference.
Now we set up Social Mapper in our Kali Linux system. First we need to configure our system for Social Mapper. We need to install Gecodriver in /usr/bin. We can download Geckodriver's latest version for our Kali Linux 64 bit system from https://github.com/mozilla/geckodriver/releases
we scrolled down to find Gecodriver |
Then we type following command to extract the tar.gz compressed file:
Here x.xx.x is referring the downloaded version of Geckodriver. See the following screenshot:
Now we copy the Geckodriver folder to /usr/bin using following command:
Geckodriver is copied, now we need to install some prerequisites to run Social Mapper. To do that we use following command:
The download and installation will depend on our internet speed and system performance.
The screenshot is following:
Now we go back to our root folder by using
Then we clone Social Mapper from it's GitHub repository by applying following command:
The screenshot is following:
Then we need to install some python modules from Social Mapper's requirements we do this using following command:
The screenshot is following:
Now we are almost able to run Social Mapper. Then we go back to Social Mapper's directory using following command :
We can check the help option by using
The help menu is following:
Social Mapper requires one account of social media to search across social media platforms, like if we want to search a photo on Facebook and Twitter we need to give our Facebook and Twitters username and password. Here for our safety we shouldn't give our own social media account's credentials. We should open fake account on social media to safer use of Social Mapper.
We can add our username and password in social_mapper.py file. To do we open the file in any text editor (we are using leafpad here).
The screenshot of the command is following:
Then we need to scroll down and stop here as following screenshot:
Credentials in plain text |
Here we need to provide our username and password. Then we just save and close the text editor.
Then we open the Social Mapper folder in file manager and navigate to
Input-Examples > imagefolder as shown below
Here we can see some examples. We can add target's photo in this folder to perform a scan. Here we have added.
Then we type following command to perform a fast scan on Facebook:
The screenshot is following:
Here we can see the links of the profiles matched and also the results are saved in a csv and html file. We can open the html file in firefox web browser.
Here can come some fake profile of our target because we have used fast scan, to perform a accurate scan on Facebook and Twitter both we use following command: