social_mapper
A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)
Top Related Projects
Hunt down social media accounts by username across social networks
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
E-mails, subdomains and names Harvester - OSINT
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
🕵️♂️ Collect a dossier on a person by username from thousands of sites
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Quick Overview
Social Mapper is an open-source intelligence (OSINT) tool that automates the process of finding a person's social media profiles across a variety of platforms. It can be used for reconnaissance, social engineering, and other security-related tasks.
Pros
- Automates the tedious process of searching for a person's social media profiles across multiple platforms
- Supports a wide range of social media platforms, including Facebook, Twitter, LinkedIn, Instagram, and more
- Provides a comprehensive report with links to all discovered profiles
- Can be used for both personal and professional purposes, such as security assessments and investigations
Cons
- Requires the user to have accounts on the various social media platforms in order to perform searches
- May raise ethical concerns if used for malicious purposes, such as stalking or harassment
- Relies on public data, so the accuracy of the results may be limited
Code Examples
N/A (this is not a code library)
Getting Started
N/A (this is not a code library)
Competitor Comparisons
Hunt down social media accounts by username across social networks
Pros of sherlock
- Supports a much larger number of websites and platforms (350+)
- Faster execution due to asynchronous requests
- More actively maintained with frequent updates
Cons of sherlock
- Lacks visual output or report generation
- Does not perform facial recognition or image analysis
- Limited to username searches only
Code comparison
sherlock:
async def sherlock(username, site_data, query_notify):
requests_future = []
for social_network, net_info in site_data.items():
# Create session based on request methodology
session = await get_session(net_info["request_type"])
# Create future for request
future = await session.get(net_info["url"].format(username))
requests_future.append((social_network, future))
social_mapper:
def fill_facebook(self, first_name, last_name):
try:
url = "https://www.facebook.com/search/people/?q=" + first_name + "%20" + last_name
self.driver.get(url)
sleep(3)
search_results = self.driver.find_elements_by_xpath('//div[@class="_401d"]/div/div/div/a')
for result in search_results:
profile_link = result.get_attribute('href')
# Process profile link
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
Pros of EagleEye
- More focused on facial recognition and image processing
- Utilizes machine learning algorithms for improved accuracy
- Supports a wider range of social media platforms
Cons of EagleEye
- Less user-friendly interface compared to Social Mapper
- Requires more technical knowledge to set up and use effectively
- May have higher false positive rates in certain scenarios
Code Comparison
EagleEye:
def get_face_encodings(image):
face_locations = face_recognition.face_locations(image)
return face_recognition.face_encodings(image, face_locations)
Social Mapper:
def getFacebookProfiles(firstName, lastName):
url = "https://www.facebook.com/search/people/?q=" + firstName + "%20" + lastName
return facebook.get_profiles(browser, url)
The code snippets highlight the different approaches:
- EagleEye focuses on facial recognition using the
face_recognition
library - Social Mapper emphasizes web scraping and profile searching on specific platforms
Both tools serve similar purposes but with different strengths:
- EagleEye excels in image processing and facial recognition across multiple platforms
- Social Mapper provides a more straightforward approach to searching and mapping social media profiles
Users should choose based on their specific needs, technical expertise, and desired level of accuracy in profile matching.
E-mails, subdomains and names Harvester - OSINT
Pros of theHarvester
- Broader scope of information gathering, including email addresses, subdomains, and more
- Supports a wider range of sources and search engines
- More actively maintained with frequent updates
Cons of theHarvester
- Less focused on social media profiles compared to social_mapper
- May require more manual analysis of gathered data
- Does not include facial recognition capabilities
Code Comparison
social_mapper:
def fill_facebook(self, facebook):
try:
self.driver.get(facebook)
time.sleep(3)
# ... (code for Facebook scraping)
except Exception as e:
print("Error filling Facebook data: %s" % e)
theHarvester:
async def search(self):
self.total_results += await self.google_search()
self.total_results += await self.bing_search()
self.total_results += await self.yahoo_search()
# ... (additional search methods)
The code snippets show that social_mapper focuses on specific social media platforms, while theHarvester employs a broader search approach across multiple sources.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Pros of SpiderFoot
- More comprehensive OSINT tool with a wider range of data sources and modules
- Offers both CLI and web-based GUI for easier use and visualization
- Actively maintained with regular updates and a larger community
Cons of SpiderFoot
- Steeper learning curve due to its extensive features and options
- May require more system resources for large-scale scans
Code Comparison
SpiderFoot:
from spiderfoot import SpiderFootScanner
sf = SpiderFootScanner(opts)
sf.start()
Social Mapper:
from modules.facebookfinder import facebookfinder
facebook = facebookfinder(showbrowser)
facebook.doLogin(username, password)
Key Differences
- SpiderFoot is a more versatile OSINT framework, while Social Mapper focuses specifically on social media profile mapping
- SpiderFoot offers a modular architecture, allowing for easier extension and customization
- Social Mapper provides a more streamlined approach for correlating profiles across multiple social networks
Use Cases
- SpiderFoot: Comprehensive threat intelligence gathering, vulnerability assessment, and digital footprint analysis
- Social Mapper: Targeted social media reconnaissance and identity correlation across platforms
Community and Support
- SpiderFoot has a larger user base and more active development
- Social Mapper has fewer contributors but offers a more specialized tool for social media mapping
🕵️♂️ Collect a dossier on a person by username from thousands of sites
Pros of maigret
- Supports a much wider range of websites and platforms (500+)
- More actively maintained with frequent updates
- Provides detailed JSON reports and export options
Cons of maigret
- Lacks facial recognition capabilities
- Does not integrate with social media APIs for deeper data extraction
- May require more manual verification of results
Code comparison
maigret:
async def main():
results = await maigret.search_username(username, sites, db)
report = maigret.generate_report(results)
print(report)
social_mapper:
def main():
social_mapper = SocialMapper(config)
social_mapper.process_image(image_path)
results = social_mapper.find_profiles()
print(results)
Summary
maigret offers broader platform coverage and more active development, making it suitable for general OSINT tasks. social_mapper specializes in facial recognition-based searches across major social networks, providing a more focused approach for visual identification. The choice between them depends on the specific requirements of the investigation and the desired depth of analysis in social media profiles.
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Pros of social-analyzer
- Supports a wider range of social networks and websites (300+)
- Provides more detailed analysis, including profile pictures and metadata
- Offers both CLI and web interface options for flexibility
Cons of social-analyzer
- May require more setup and dependencies
- Can be slower due to the extensive number of sites it checks
Code Comparison
social-analyzer:
def find_username_normal(req):
global headers
response = requests.get(req["url"].format(req["username"]), headers=headers, timeout=5)
if response.text.find(req["string"]) > 0:
return True
return False
social_mapper:
def fill_facebook(self, facebook):
try:
self.driver.get(facebook)
time.sleep(3)
return True
except:
return False
social-analyzer offers a more generic approach to checking usernames across multiple platforms, while social_mapper focuses on specific social networks with tailored methods for each.
Both projects aim to gather information from social media profiles, but social-analyzer provides a more comprehensive and flexible solution. However, social_mapper may be easier to set up and use for specific, targeted searches on major social networks.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
Social Mapper
This tool is no longer actively maintained, parts of it may still work and I will accept pull requests to keep it up to date
WARNING: FACEBOOK NOW DETECTS THIS AFTER A FEW 100 SEARCHES, USE ONLY DISPOSABLE FACEBOOK ACCOUNTS
A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob Wilkin (Greenwolf).
Social Mapper is an Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to search popular social media sites for targets' names and pictures to accurately detect and group a personâs presence, outputting the results into report that a human operator can quickly review.
Social Mapper has a variety of uses in the security industry, for example the automated gathering of large amounts of social media profiles for use on targeted phishing campaigns. Facial recognition aids this process by removing false positives in the search results, so that reviewing this data is quicker for a human operator.
Social Mapper supports the following social media platforms:
- Google Plus
- VKontakte
- Douban
Social Mapper takes a variety of input types such as:
- An organisation's name, searching via LinkedIn
- A folder full of named images
- A CSV file with names and URLâs to images online
Usecases (Why you want to run this)
Social Mapper is primarily aimed at Penetration Testers and Red Teamers, who will use it to expand their target lists and find their social media profiles. From here what you do is only limited by your imagination, but here are a few ideas to get started:
(Note: Social Mapper does not perform these attacks, it gathers you the data you need to perform them on a mass scale.)
- Create fake social media profiles to 'friend' the targets and send them links or malware. Recent statistics show social media users are more than twice as likely to click on links and open documents compared to those delivered via email.
- Trick users into disclosing their emails and phone numbers with vouchers and offers to make the pivot into phishing, vishing or smishing.
- Create custom phishing campaigns for each social media site, knowing that the target has an account. Make these more realistic by including their profile picture in the email. Capture the passwords for password reuse.
- View target photos looking for employee access card badges and familiarise yourself with building interiors.
Getting Started
These instructions will show you the requirements for and how to use Social Mapper.
Prerequisites
Note: On Kali you can now run ./kali-installer.sh from the setup directory.
As this is a Python3 based tool, it should theoretically run on Linux, ChromeOS (Developer Mode) and macOS. The main requirements are Firefox, Selenium and Geckodriver. To install the tool and set it up follow these 4 steps:
- Install the latest version of Mozilla Firefox for macOS here:
https://www.mozilla.org/en-GB/firefox/new/
Or for Debian/Kali (but not required for Ubuntu) get the non-ESR version of Firefox with:
sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade
Make sure the new version of Firefox is in the path. If not manually add it.
- Install the Geckodriver for your operating system and make sure it's in your path, on Mac you can place it in
/usr/local/bin
, on ChromeOS you can place it in/usr/local/bin
, and on Linux you can place it in/usr/bin
.
Download the latest version of Geckodriver here:
https://github.com/mozilla/geckodriver/releases
- Install the required libraries:
On Linux install the following prerequisites:
sudo apt-get install build-essential cmake
sudo apt-get install libgtk-3-dev
sudo apt-get install libboost-all-dev
On Linux & macOS finish the install with:
git clone https://github.com/Greenwolf/social_mapper
cd social_mapper/setup
python3 -m pip install --no-cache-dir -r requirements.txt
On Mac look through the setup/setup-mac.txt file to view some additional xcode, brew and xquartz installation instructions.
- Provide Social Mapper with credentials to log into social media services:
Open social_mapper.py and enter social media credentials into global variables at the top of the file
-
For Facebook & Instagram, make sure the language of the account which you have provided credentials for is set to 'English (US)' for the duration of the run. Additionally make sure all of your accounts are working, and can be logged into without requiring 2 factor authentication.
-
Use the Firefox browser to login to each Social Media Profile once and save/process and "unknown browser" or "trust this browser" pages.
Using Social Mapper
Social Mapper is run from the command-line using a mix of required and optional parameters. You can specify options such as input type and which sites to check alongside a number of other parameters which affect speed and accuracy.
Required Parameters
To start up the tool 4 parameters must be provided, an input format, the input file or folder and the basic running mode:
-f, --format : Specify if the -i, --input is a 'name', 'csv', 'imagefolder' or 'socialmapper' resume file
-i, --input : The company name, a CSV file, imagefolder or Social Mapper HTML file to feed into Social Mapper
-m, --mode : 'fast' or 'accurate' allows you to choose to skip potential targets after a first likely match is found, in some cases potentially speeding up the program x20
Additionally at least one social media site to check must be selected by including one or more of the following:
-a, --all : Selects all of the options below and checks every site that Social Mapper has credentials for
-fb, --facebook : Check Facebook
-tw, --twitter : Check Twitter
-ig, --instagram : Check Instagram
-li, --linkedin : Check LinkedIn
-gp, --googleplus : Check Google Plus
-vk, --vkontakte : Check VKontakte
-wb, --weibo : Check Weibo
-db, --douban : Check Douban
Optional Parameters
Additional optional parameters can also be set to add additional customisation to the way Social Mapper runs:
-t, --threshold : Customises the facial recognition threshold for matches, this can be seen as the match accuracy. Default is 'standard', but can be set to 'loose', 'standard', 'strict' or 'superstrict'. For example 'loose' will find more matches, but some may be incorrect. While 'strict' may find less matches but also contain less false positives in the final report.
-cid, --companyid : Additional parameter to add in a LinkedIn Company ID for if name searches are not picking the correct company.
-s, --showbrowser : Makes the Firefox browser visible so you can see the searches performed. Useful for debugging.
-w, --waitafterlogin : Wait for user to press Enter after login to give time to enter 2FA codes. Must use with -s
-v, --version : Display current version.
-vv, --verbose : Verbose Mode (Useful for Debugging)
-e, --email : Provide a fuzzy email format like "<f><last>@domain.com" to generate additional CSV files for each site with firstname, lastname, fullname, email, profileURL, photoURL. These can be fed into phishing frameworks such as Gophish or Lucy.
Example Runs
Here are a couple of example runs to get started for differing use cases:
A quick run for Facebook and Twitter on some targets you have in an imagefolder, that you plan to manually review and don't mind some false positives:
python3 social_mapper.py -f imagefolder -i ./Input-Examples/imagefolder/ -m fast -fb -tw
The same as above but with the browser showing, and waiting enabled to allow a user to enter 2FA codes and manually rectify changed login processes:
python3 social_mapper.py -f imagefolder -i ./Input-Examples/imagefolder/ -m fast -fb -tw -s -w
An exhaustive run on a large company where false positives must be kept to a minimum:
python3 social_mapper.py -f company -i "Evil Corp LLC" -m accurate -a -t strict
A large run that needs to be split over multiple sessions due to time, the first run doing LinkedIn and Facebook, with the second resuming and filling in Twitter, Google Plus and Instagram:
python3 social_mapper.py -f company -i "Evil Corp LLC" -m accurate -li -fb
python3 social_mapper.py -f socialmapper -i ./Evil-Corp-LLC-social-mapper-linkedin-facebook.html -m accurate -tw -gp -ig
A quick run (~5min) without facial recognition to generate a CSV full of names, email addresses, profiles and photo links from up to 1000 people pulled out of a LinkedIn company, where the email format is known to be "firstname.lastname":
python3 social_mapper.py -f company -i "Evil Corp LLC" -m accurate -li -e "<first>.<last>@evilcorpllc.com"
Troubleshooting
Social Media sites often change their page formats and class names, if Social Mapper isn't working for you on a specific site, check out the docs section for troubleshooting advice on how to fix it. Please feel free to submit a pull request with your fixes.
Maltego
For a guide to loading your Social Mapper results into Maltego, check out the docs section.
Authors
- Jacob Wilkin - Research and Development
Donation
If this tool has been useful for you, feel free to thank me by buying me a coffee :)
Acknowledgments
- Thanks to Vincent Yiu & MDSEC for their great LinkedInt tool which inspired me to add the search by LinkedIn company name input method.
- Thanks to janmei (Pinterest Module), alexsok-bit, ewpratten, cclauss, TADT1909, Molkree and kix-s for their contributions to the project.
- Thanks to
[Your Name Could Be Here, Come Help Out!]
for contributions to the project.
Youtube Trailer:
Top Related Projects
Hunt down social media accounts by username across social networks
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
E-mails, subdomains and names Harvester - OSINT
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
🕵️♂️ Collect a dossier on a person by username from thousands of sites
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot