Is an amazing tool to track down footprints of any target you need to match. This piece of software has been developed by Paterva, and it's part of the Kali Linux distribution. Using Maltego will allow you to launch reconnaissance testes against specific targets. One of the best things this software includes is what they call 'transforms'.
Social networks are indeed a big part of any OSINT investigation. They can reveal useful information about individuals, what they look for, how they do it, what they like and many other personal details.
But OSINT Facebook data-gathering doesn’t stop with tools that show you only information about Facebook profiles. Today we’ll show you the best OSINT utilities that not only gather information about Facebook public data but also dig a little bit deeper under the surface — so keep reading.
9 popular OSINT Facebook tools
Let’s start with the best online tools to help you get the most out of Facebook intel gathering.
NetBootCamp
Download Maltego Full Cracked Programs Software Crack, Cracked, Cracks, Serial, Key, Activation, Latest Version for Windows and Mac. Download the full nulled variant + split of the Maltego Windows and Mac. Our clients have said they have not discovered anyplace Maltego split like our own. Gephi is an open-source software for visualizing and analyzing large networks graphs. Maltego is an information gathering tool that allows you to visually see relationships. It is capable of querying various public data sources and graphically depict the relationships between entities such as people, companies, web sites, and documents. Where it is used in the real world. Maltego can be used for the information gathering phase of all security related work, it is used as a forensics and data mining application, It is a must-have tool in the forensics, security. Load the config file called /opt/Teeth/etc/Maltegoconfig.mtz file into Maltego. This is painless: 1) Open Maltego Tungsten (or Radium) 2) Click top left globe/sphere (Application button) 3) Import - Import configuration, choose /opt/Teeth/etc/Maltegoconfig.mtz. The Maltego client's log file can be found in the following directories depending on which operating system you are using: Windows: C: Users AppData Roaming.maltego vmaltegoversion var log OS X: /Users//Library/A.
NetBootCamp is a great tool for searching different strings within Facebook.
It allows you to generate requests inside Facebook from a simple web-based interface. It will build the query URL for you so you can examine all the details.
In the following examples, we launched a couple of queries using their web interface, which is just a simple front end for common Facebook operations but simplified to help you choose your search without any complications.
This interface and its options will generate a request that looks like this:
- https://www.facebook.com/search/str/John+M+Smith/users-named/
- https://www.facebook.com/search/people?q=johnsmith%40gmail.com
- https://www.facebook.com/search/str/London/pages-named/home-residents/
For most requests, you need to have a fully activated Facebook account. You can also choose to search for details about the profile, photos, videos and much more.
Maltego
Whether you’re performing an investigation on an organization or an individual, Maltego is an essential OSINT Facebook utility. This excellent software will show you how exposed you are on the Internet.
Maltego can easily help you correlate and find links between individuals, organizations, geolocations, addresses, emails and phone numbers.
In Facebook’s case, Maltego offers numerous modules (known as “transforms” within the Maltego community) to investigate social profiles. The most popular ones would be SocialLinks or SocialNet, which are commercial OSINT Facebook modules.
This app is available for Windows, Linux, and Mac OS. Java 1.8 or greater is the only requirement.
Stay in the loop with the best infosec news, tips and tools
Follow us on Twitter to receive updates!
FB People Directory
Update March, 2019: Facebook no longer offers access to the People Directory.
FB People Directory is a native tool built by Facebook so you can, as its name suggests, search their people directory. It’s super useful and one of the easiest tools to use when you’re looking for someone.
The directory will show you the full list of Facebook members worldwide, where you can filter the results by first or last name.
Search is Back
Search is Back is a similar tool to NetBootCamp, as it allows you to search for people and events on Facebook — but it also lets you search by location, relationships, gender, job title, language spoken, and other details.
StalkScan (known as Facebook Scan)
StalkScan follows on the same line as the tools listed previously but has a nice, wide interface with a lot of options. The bad thing is, most of the queries use old Facebook URLs that no longer work.
But you can still get some details — for this test, we grabbed Kevin Mitnick’s profile URL: https://www.facebook.com/kmitnick007
Then we ran some tests, and some of the functions were working as expected. For example, getting photos of this user ID from the current year 2018 generated this URL:
- https://www.facebook.com/search/818300009/photos-by/2018/date/photos/intersect
The same goes with his 2018 videos and stories:
- https://www.facebook.com/search/818300009/videos-by/2018/date/videos/intersect
- https://www.facebook.com/search/818300009/stories-by/2018/date/stories/intersect
Facebook Live Map
Update March, 2019: FB livemap isn’t working / interactive like it used to be.
Facebook Live Map is an interactive global map function that comes with Facebook by default. Using the URL gives you the ability to watch live streaming videos from anywhere in the world.
In this case, we were able to grab some locations where live transmissions are being streamed right now.
If you zoom in and click on one of the blue dots, you’ll be able to see who’s streaming the video, the transmitted content and its exact location.
Facebook Email Search
Facebook Email Search is a simple URL that lets search for any Facebook profile by using an email address. The resulting URL will be something like:
https://www.facebook.com/search/top/?q=email%40gmail.com
You can replace this with any email you know to confirm whether it belongs to the person you suspect.
For example, we searched for the email address morrison@pucc.princeton.edu, and we discovered that it belongs to the famous Pulitzer Prize winner Toni Morrison. A Facebook page associated with that email appears as the first result.
Facebook Sleep Stats
Facebook Sleep Stats is an interesting app that was built not to fetch email, location or other common details, but to exploit a Facebook security flaw that lets you keep track of any online or offline profile status. Thanks to this utility, you’ll know when they connect and disconnect, information that can generate a pretty accurate image of their sleep pattern.
Watching how it works will give you a general idea about the potential privacy implications of modern social media, information that’s largely unfamiliar to the average non-technical person:
This application makes it possible to get a full list of Facebook users IDs, along with timestamps of their most recent online activity:
The above data can later be translated into human readable date and time information, such as “John Doe was last active on Dec 03 2018 12:50:22.”
The only requirements to get it running are Node.js and Git.
SecurityTrails
While all these tools can be helpful for gathering details about social profiles from individuals, there is much more to gathering OSINT Facebook data. We’re talking about investigating Facebook and all of its domains, servers, IPs and its SSL infrastructure from a single place.
Our passive DNS technology allows you to investigate everything you can imagine about any organization or company in the world, way beyond a simple citizen profile. Let’s see it in action for facebook.com
- Move to https://securitytrails.com
- Enter facebook.com in the first text bot
- A full interface with all facebook.com-related details will appear, as shown below:
As you can see, you’ll be able to grab numerous details from the Facebook.com domain name, which includes current DNS records from A, AAA, TXT, MX, SOA, and CNAME.
By querying our passive DNS API you’ll also be able to grab the entire Facebook DNS History, ordered by date or value, as seen here:
This DNS history is also available for the rest of the AAA, MX, NS, SOA and TXT records. But our intel information about Facebook.com doesn’t end there. SecurityTrails technology lets you explore the entire list of Facebook subdomains from the same web interface:
Maltego App For Mac Download
In this example, we filtered the exact 2,056 results to match any subdomain that contains the word “edge.” There many more filters and options to explore in our DSL documentation. You can also order the results by hosting provider or by WHOIS historical records.
By using our passive DNS API, you can fetch those details along with:
- WHOIS History
- Associated Domains
- IP Subnet
- PTR Search
- Open Ports
A tremendous advantage is the ability to integrate our API with your apps, using popular programming languages such as PHP, Node, Ruby, JavaScript, and Python.
You can even launch manual requests using curl command, as you see below:
curl –request GET –url https://api.securitytrails.com/v1/history/twilio.com/whois –header ‘apikey: >’
Maltego Mac
Furthermore, our recently launched SurfaceBrowser product enables you to integrate all these great tools into one single powerful interface, now one of the best sources available for your OSINT Facebook investigation.
Conclusion
No company is immune from getting spied on or analyzed, and the fact that Facebook is one of the most popular social networks in use makes it an easy target in the infosec market.
The good thing is there are ways to protect yourself. Now you know the right OSINT Facebook tools to analyze not only individuals but your own organization or company, helping you prevent exposing too many details about your online domains and internet infrastructure.
Have you tried SurfaceBrowser, our rock star product that offers WHOIS live data from all the popular domain names, as well as historical WHOIS records?
SecurityTrails strives to be the biggest cybersecurity treasure trove available, so you can easily use it as your #1 OSINT tool to audit your domain names, subdomains, IP addresses, SSL certificates and much more. Start testing our fabulous API by opening a free account today.
If you need anything you don’t see here yet, get in touch with us. We can build a wide range of custom solutions to match your needs!
Esteban is a seasoned security researcher and cybersecurity specialist with over 15 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.
Maltego App
Get the best cybersec research, news, tools,
and interviews with industry leaders
The Maltego Desktop Client is the visual interface in which all gathered.
Downloads. Select your operating system and filetype. Windows. Linux. Mac.
Since 2008, Maltego has empowered over a million investigations worldwide, and we are far from being done. How can Maltego support you?
Libero Mail Accedi (ANSA) – RIO DE JANEIRO, 03 NOV – Il Comune di Rio de Janeiro ha annunciato oggi la ripresa piena delle attività sulle. Libero Mail: accedi a tutti i tuoi account di posta nel modo più semplice e rapido. Per leggere e scrivere mail da iPhone e iPad non c'è app più comoda! Abbiamo sentito
According to the official Patreva website, «Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online.
Maltego is a software used for open-source intelligence and forensics, developed by Paterva from Pretoria, South Africa. Maltego focuses on providing a library.
Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego's unique advantage.
Paterva is the company responsible for bringing Maltego to the world. The company was formed back in 2007 by Roelof Temmingh and has been going strong.
Maltego is a data mining tool that mines a variety of open-source data resources and uses that data to create graphs for analyzing connections. The graphs.