MISC - Tips & Tricks

Tips & Tricks

# Liveleak allows to see what will be removed on others video website..
# Take care

# Webcams (legit and bad configuration)

# Download Periscope videos

# Professionnal profiles (like photos) can be used to search for differents
# personal profiles which are easier to exploit and dig


# Online source tool used to find and get information about Skype accounts


# Socialblade is an online tool where you can see and analyze Youtube, Instagram, Twitch, Twitter or Dailymotion accounts

Youtube & Videos

# Yasiv is an online tool allowing to map links and relations between Youtube videos

# Youtube comment finder

# PeteyVid is like a meta search engine for videos (specific research)
# More than 70 sources


# Reaper is a Windows GUI tool that scrapes (download) data from social media through their API
# It supports several platforms : Facebook, Twitter, Reddit, Youtube, Pinterest, Tumblr
# All data will be saved in a excel output format

# The official website gives informations on how to set up different services

# Facebook (https://reaper.social/platforms/facebook.html)
# Public and private data
# The Graph API gives public access to some useful data such as the posts and comments made on public facebook pages. 
# Page, Group and Event administrators have access to more information such as statistics, and identifying informaton 
# for user’s posts, comments and reactions. If you want to access this private data you can request an access token from an administrator.

Social Mapper

General Informations
# Social Mapper is a tool that correlates profiles via facial recogniton

# It supports the following social networks : LinkedIn, Facebook, Twitter, GooglePlus, Instagram, VKontakte, Weibo, Douban

# It can takes a variety of input
# Organisation name → Searching via LinkedIn
# A folder full of named images
# A CSV file with names and URL's to images online
Getting Started
# A quick run for facebook and twitter on some targets you have in an imagefolder, that you plan to manually review and don't mind some false positives:
python social_mapper.py -f imagefolder -i ./mytargets -m fast -fb -tw

# A exhaustive run on a large company where false positives must be kept to a minimum
python social_mapper.py -f company -i "SpiderLabs" -m accurate -a -t strict

# A large run that needs to be split over multiple sessions due to time, the first run doing LinkedIn and Facebook, with the second resuming and 
# filling in Twitter, Google Plus and Instagram
python social_mapper.py -f company -i "SpiderLabs" -m accurate -li -fb
python social_mapper.py -f socialmapper -i ./SpiderLabs-social-mapper-linkedin-facebook.html -m accurate -tw -gp -ig

# A quick run (~5min) without facial recognition to generate a CSV full of names,email addresses,profiles and photo 
# links from up to 1000 people pulled out of a LinkedIn company, where the email format is known to be "firstname.lastname".
python social_mapper.py -f company -i "SpiderLabs" -m accurate -li -e "<first>.<last>@spiderlabs.com"


# Tool

# It uses some basic python webscraping to compile passive information on a target

# Included modules will allow queries for the following :
# Phone
# Email
# Screen names
# Real names
# Addresses
# IP
# Hostname
# Breach Credentials

python skiptracer.py -l phone
python skiptracer.py -l email
python skiptracer.py -l sn
python skiptracer.py -l plate-

# Phone Number (FR)