-
Notifications
You must be signed in to change notification settings - Fork 107
SOCMINT Challenge
SOCMINT is Social Media Intelligence. SOCMINT is the collection and analysis of data from social media platforms for various purposes, such as link analysis and digital footprints
SOCMINT is a sub-discipline of open source intelligence (OSINT). SOCMINT only obtains intelligence from social media, whereas OSINT gathers intelligence from various sources
- Youtube
- Quora
- Tik Tok
- VK
- Text Intelligence
- Geolocation
- Documentary
- Critical Thinking
- Reading diligently
Next, it is important to know the types of information that can be collected from social media platforms. We can divide this information into three general categories:
Profile Information: Static information provided about a particular user that can be observed by those accessing the profile. On LinkedIn, for example, this might include the user's job title, current and previous employers, skills, and contact information. Interaction: Users on social media platforms can interact with the platform or other users in various ways. These forms of interaction include posting/commenting, replying to others' content, posting images or videos, and liking or reacting to existing content. Metadata: Information found on social media platforms is not limited to text and images. Metadata can also include contextual information about the content. Metadata can include the location marked in a post, the time the post was made, or even the type of device used to take the picture
- Profile information
- Post and activity
- Professional information
- Interaction
- Connection or follower
- Interest
- Location
- Communication
- Media consumed
- Opinion or sentiment
- Photos and videos (media)
- Mention
- Hashtag
- Online activity
- Username
- Email address
- Phone number
As we know, social media is a large and very useful information land but there are things that you encounter if you do SOCMINT, and need to be aware of them:
Social media platforms like Facebook and Twitter have billions of users every month. With so much data available, it can be difficult to find information relevant to a particular investigation. Many platforms operate with the goal of keeping the identities of their users confidential, which poses a challenge for investigators. Additionally, the increasing prevalence of fake accounts and bots on these platforms can make it very difficult to know which data is accurate, available and useful
Be careful of social media posts, there are so many that I often find such as cases of propaganda, fake news (hoax), politics of divide and conquer, AI generated, brainwashing, opinion deflection, opposition and very disturbing buzzer posts such as bots. You must review and dig up the information such as checking on fact check sites, research such as doing reverse images, text intelligence, as well as its activity whether there are bots and check the time or latency of the post
Social media is very vulnerable to privacy and ethics. As investigators, we must apply ethics on the internet and risk violating privacy and authority. For example, governments, data brokers and platforms have logs and spy on activities
If you don't have the money to do automation or scrapping on social media sites, they have crawl detectors and WAF to protect against scrapper bots. You need an understanding of pentesting or IT security to bypass this access, there are many free scrapper tools that you can use in this repo. But if you have more money I recommend buying a specialized tool, or subscribing to the API
An investigator requires anonymity, budget and time to create a fake account (Sockuppupet) If you are in an investigative position such as OPSEC, analyzing a case such as opposition etc. it is necessary to use a fake account. So as much as possible make your account authentic and have an audience this requires time and money to create
In social media, you will definitely find pros and cons. In Indonesia, there are bot (Buzzer) accounts that are very disturbing and can distort the truth by making junk posts and using auto comment automation, posts etc. This behavior can be seen in the latency of each post, content, interaction, profile or usrname, followers and other things. You need to do scrapping and do text intelligence to make it easier for you to manage data such as clustering
Propaganda is the dissemination of information aimed at influencing public opinion and behavior. Propaganda can be facts, arguments, rumors, half-truths or lies. Propaganda can be done using symbols that have meaning, such as gestures, words, banners, music, clothing, hairstyles, and designs.
You can also check on this repo
- Twint
- Drone Emprit
- Maltego
- Twitter API or Platform API
- Data Broker (scrapper site)
- Data Visualization
Example attack surface
- Profile Identification. Analysts can identify profiles or accounts associated with known threat actors or suspicious activity
- Communication Patterns By monitoring conversations and interactions, analysts can understand communication patterns, helping to identify networks of malicious actors
- Sentiment Analysis. Analyzing sentiment can provide insight into the motivations, intentions, or potential targets of threat actors
- Content Analysis: Reviewing shared content, such as images, videos, or links, can provide clues to a threat actor's capabilities, tools, or methodologies
- Analzying trend
So far this is a problem that is often found in SOCMINT, if I find something new I will add it here. SOCMINT is something very extraordinary but there are weaknesses. Like the mass media, opposition and other things