In thinking about OSINT software, TikTok has become one of the fastest-growing sources of potentially valuable information.
TikTok's premise and appeal are pretty straightforward. Users upload short videos (generally 15-30 seconds long), and the majority of the videos feature music, dancing, lip-synching, and other attention-grabbing themes.
However, in recent years, TikTok has become more than an entertainment hub.
Today TikTok boasts more than 1.6 billion users (of which 1.05 billion are active monthly), and an estimated 24 million videos are posted to TikTok every day. Moreover, when it comes to developing situations in specific corners of the world – like political issues or natural disasters – the wealth of real-time data an investigator can extract about what’s happening on the ground is astounding.
In early 2022, when the world searched for clues about Russian President Vladimir Putin’s intentions for Ukraine, TikTok first leaked that an invasion was imminent. Users posted videos of the Russian military transporting tanks and equipment to the Ukrainian border, which then caught international media’s attention.
Monitoring TikTok can be challenging for social media investigators due to its vast content. The platform's mechanics also pose additional hurdles, such as presenting numerous results for simple searches and identifying relevant content based on personal interests rather than relevant threat intelligence. Moreover, identifying bad actors can be difficult as users only upload one profile photo that, once changed, cannot be retrieved.
The good news? Numerous social media monitoring tools can help investigators locate valuable videos and extract user information. Before you start the Herculean task of combing through billions of TikTok videos, consider enlisting one of these OSINT software tools to make your job easier.
Let’s explore.
OSINT software tools must always go hand in hand with good tradecraft.
Despite Tik Tok’s value as a threat intel platform, it remains somewhat controversial. ByteDance, a China-based corporation, owns Tik Tok. This ownership means the parent company is legally bound to provide Chinese authorities with requested data. Additionally, there is some concern that the JavaScript code embedded in the app allows Tik Tok to monitor all keystrokes on a device. Theoretically, company officials can see text inputs such as credit card information and passwords.
Despite Tik Tok’s ardent denial of these claims, many organizations have addressed the potential risk by prohibiting employees from downloading TikTok.
The reality is, however, that excluding TikTok from your social media monitoring program could mean overlooking severe risks to your organization.
Accordingly, at LifeRaft, we encourage analysts to use a web isolation service like Authentic8 before beginning a TikTok OSINT investigation. Authentic8 allows analysts and security teams to browse the internet from a cloud-based server rather than their own workstations.
The benefits are simple: First, a cloud-based infrastructure ensures that website code is never executed on the user's work terminal, protecting the user's system and their company's network from web-borne threats like malware or spyware.
Secondly, certain web isolation services allow users to customize their device details, including location, time zone, language, IP address, and keyboard settings. This manipulation enables investigators to access sites like TikTok without revealing their identity or location to others, offering a secure and anonymous browsing experience.
TikTok does not officially support scraping public data like Twitter or YouTube, but alternative tools, such as the TikTok API, are available. With this OSINT software tool, you can search for TikTok users by name, search by hashtags linked to videos, and to watch videos. The primary limitation of this social media monitoring tool is that developers with intricate knowledge of data-scraping practices will be able to utilize it best.
The Bellingcat TikTok analysis tool allows analysts to collect a dataset of TikToks connected with specific hashtags over a more extended period. Additionally, it provides insight into what other topics appear together with specific hashtags most consistently. Analyzing patterns in the joint use of hashtags can help analysts spot coordinated influence or disinformation campaigns. Additionally, if the same set of hashtags is used repeatedly, examining a large cohort of posts can provide contextual insight for specific hashtags.
This social media monitoring tool is pretty straightforward- this OSINT tool allows analysts to pinpoint the exact upload date and time for Tik Tok video URLs. Input the video URL; the tool will display the specific upload time.
This OSINT software tool allows users to collect data from TikTok videos to any CRM, with customizable options for automation to perform the work relatively quickly. The program also works on the cloud, so there is no download of additional software required.
Apify is a no-coding-required tool that is a good fit for beginners or investigators needing a more substantial developer background. With Apify’s TikTok Scraper, investigators can extract data from videos, hashtags, and users and publicly available information, including comments, number of shares, URLs, and followers.
Smartproxy features a specialized social media scraping API focusing on two popular targets: Instagram and TikTok. Smartproxy allows users to scrape publicly available TikTok data points, including profiles, usernames, posts, hashtags, sounds, and videos. One drawback- this social media monitoring tool does not allow investigators to get results in large batches.
Like some of the other OSINT software tools on the list, the Wayback Machine is a generalized tool that performs several functions and assists with various investigative efforts. The Wayback Machine's stand-out feature is its ability to identify deleted profile photos, videos, and other pertinent data. To find the deleted post, enter the URL and the date range, and the Wayback Machine will do the rest.
At LifeRaft, we’ve helped hundreds of customers start collecting OSINT on TikTok. Many TikTok OSINT tools require developer knowledge and are stand-alone tools that can only tackle TikTok posts (or some aspects of social media platforms in general).
Navigator searches all social media platforms to identify crucial data to investigators and countless other sites where essential information may be lurking. Relevant data sources include blogs, message boards, forms, classified sites, deep and dark web sites, and alternative social media channels that may not have the sheer volume of users that TikTok does and may be under an investigator's radar.
Best of all, Navigator saves investigators valuable time through automation and works 24/7 to monitor TikTok and the broader online world. Once Navigator detects a potential threat, it alerts your in-house team and provides multiple options for validation, identity resolution, and dissemination.
TikTok is a social media platform that security teams must pay attention to.
While none of the options we've discussed represent the final word on OSINT tools, they provide valuable additions to your security toolkit.
Reach out to our LifeRaft team today to get started on your TikTok monitoring and adopt an intelligence-led OSINT strategy.