The amount of information available to the cybersecurity warriors of today can be quite useful. However, the intelligence-gathering process is quite cumbersome. If you’re focusing on smaller sample sizes, sure, it may not take you or your team much time. But when you’re looking to gather information at scale, it’s an entirely different story.

The experts at Trustwave know this well, so they’ve created an open source intelligence tool that enables penetration testers and red teasers to scrape information from social media accounts.

From LinkedIn and Facebook to Instagram and Weibo, Social Mapper leverages facial recognition to correlate social media profiles across a total of eight social media channels.

“It’s meant for scraping various social networks for information that can later be reused to build phishing campaigns or social engineering campaigns,” Karl Sigler, threat intelligence manager at Trustwave SpiderLabs told InfoSec Insider during a recent interview shot at the Black Hat Conference in Las Vegas. “It uses a photograph of a person and uses facial recognition to pinpoint that exact person.”

In the full interview below, Sigler discusses how penetration testers and red teamers can leverage Social Mapper and gives us a demonstration of how the threat intelligence gathering tool works.

Click here to watch the video.

Marcos Colón
SVP, Content Marketing
As MISTI’s content marketing lead, Marcos spearheads the brand’s content marketing strategy, implementing a process to deliver high-quality insight to information security and internal audit professionals. Prior to working with MISTI, he served as the online editor for the award-winning SC Magazine, a prominent B2B IT security publication. He also served as a senior editor at NewsCred, a prominent content marketing agency, where he provided content strategy guidance for leading brands that include Discover, IBM, Visa and Bloomberg.