Facial recognition tool helps penetration testing
Hackers commonly use fake social media profiles to gain the confidence of targets and direct them to credential-stealing sites.
Replicating this is time-consuming for security and penetration testing teams, as people often have profiles across multiple sites. Ethical hacking specialist Trustwave is using a new tool called Social Mapper that can correlate profiles across multiple sites and make analyzing a person's online presence easier.
Social Mapper is an open source tool that takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a person's social profiles, outputting the results into a report that a human operator can quickly review. It supports popular platforms including LinkedIn, Facebook, Twitter, Google+, Instagram and more.
It's aimed mainly at penetration testers, who can use it to expand their target lists, aiding them in social media phishing scenarios. Its primary benefit comes from automating profile matching and report generation. As the security industry continues to struggle with talent shortages and rapidly evolving adversaries, it is imperative that a penetration tester's time is used as efficiently as possible.
"Social media phishing has gone up tenfold in the last two years," says Jacob Wilkin, application security consultant and penetration tester at Trustwave's SpiderLabs. "Social Mapper correlates data across sites using facial recognition to identify phishing targets. So, for example, it grabs photos and names from LinkedIn then searches other social media profiles to find matches, something which would take many hours to do manually. We can then make a fake profile to use in penetration testing."