What intelligence clues can you dig out from TikTok?

• This article is not a survey demonstration, but an introduction to where you can get clues to information and what those clues will mean

TikTok has become popular with the younger generation, and more and more users are flocking to the platform. The app allows users to record and share short videos as well as comment on other users' videos.

A browser version of the app also exists, but its functionality is much more streamlined and requires a bit of knowledge to work around and get the most out of it.

Investigators should do this because the browser version makes it easier to get action on the investigation, while the mobile version is not secure.

This guide will focus on how to exploit TikTok through a computer browser rather than the mobile app, and all of this investigation will not require you to sign up for a TikTok account .

secjuice provides a reference on what certain information can be obtained from TikTok and provides some TikTok-specific tools and techniques to obtain the most information from a target account.

The following is a step-by-step introduction.

personal information--

The user's personal data will be included in all publicly viewable information in the account, thus serving the majority of the investigation's collection and analysis.

A user's TikTok profile can be viewed in a web browser by adding the username to the end of the following URL: https://www.tiktok.com/@

A user's profile page can contain multiple *exploitation points* , including: profile photo, nickname, unique ID (@), verified badge, description, and the account's total followers, following and number of likes . User profiles also include videos posted by the account.

From there, you can hone your target's tendencies and grab the most clues that can be further tracked across platforms.

Cross-platform tracking demonstration and defense strategy recommendations:

• " Chasing the Inside Story of Government Propaganda Wars: A Digital Forensics Case Study of Cross-Platform Network Analysis "
• " How to track targets across social media platforms? ⚠️Warning safety awareness 》
• Defense The Complete Guide to Doppelganger: How to Manage Your Online Identity and Stay Safe

Profile photo -

In itself, copyright protectors on most social media sites are very good at hiding their true identities for a long time, but TikTok is different . Many TikTok users seem to enjoy exposing their identities, thus bringing more convenience to trackers .

This is especially true on sites where users compete to spread viral content and/or gain a lot of attention.

As always, the first thing we would recommend is to run recon against the user's profile photo via a reverse image search tool such as Google, Bing, Yandex, or Tineye.

Analysis about reverse image search tools :

• " Which company has the best image search function?" Capability comparison of image verification methods 》

You can get the photo's url by clicking on Image quickly and selecting the "Inspect Element" option. You'll see this code below, which contains the full size URL of the photo within the bundle:

Background image: URL ( https://p16.muscdn.com/img/musically-maliva-obj/1638197514769414~c5_720x720.jpeg )

On a side note, what do you do when your social media photos aren’t full size ?

• " Don't let the natural blur of social media get in the way of the truth "

By using this link on images.google.com, the owner of the target account can quickly be found on multiple other social media sites - that is, cross-platform tracking, because the target uses the same photo on different social media platforms.

In addition to running a reverse image search using the profile photo URL, you can also add it to URL replacement and view the full size image as shown below.

This can make a big difference when trying to see details in a photo that wouldn't be identifiable just by the profile tag that appears on the account.

Nick name--

The target user's nickname is the last name on the account profile, and the font is larger than the rest of the text. Please note that multiple accounts can have the same nickname on the platform, so users may not be unique.

That being said, different users treat this segment differently. Some people transfer their exploit username, while others may display their full or partial name in this segment.

In the above example, the target user selected another. This will help later when trying to fully identify the user .

Unique ID (@)——

Just below the user's nickname will be their unique ID, which always starts with the @ symbol.

Unlike a nickname, this is a unique identifier and cannot be used on multiple accounts.

Investigators should treat this as a username, and you should try to look up accounts on other sites using the same unique ID - because people tend to do that all the time and lack creativity in naming themselves.

You can use one of the many username search tools or run a username search on other search engines by using quotes (e.g. "kingjomanji").

For search tool integration, see:

• " If you're good at searching, you can find everything "

You should use multiple tools here, as multiple tools have their own weaknesses.

For example, even though Google does crawl some third-party sites for Instagram (like pictame), it doesn't seem to crawl all Instagram accounts all the time. Depending on the age of the account, it may be hit or miss.

In the example above, a username query was run through Google, which captured the Instagram account, but nothing more conclusive on other platforms at the time.

Personal identity verification mark——

Like most social media platforms, real-name verification will have a verification mark ✅, which appears under the unique ID of their profile, followed by "Verified Account."

Most verified accounts will belong to celebrities or other social media influencers, who often have large followings and become the center of public opinion.

This flag doesn't provide much help in terms of investigative value other than helping to confirm that the account may be who they propose to be. And citizen investigations tend not to target verified accounts.

followig--

Followers is a list of all users that the account is currently following. If you only have one computer and don't have a TikTok account, checking a user's followers can be a daunting task.

Unfortunately, there doesn't seem to be a native way to replicate this on the TikTok website.

That being said, there is a third-party website (pictured above) that can help you do just that . Not all accounts are saved there, but it's always worth a try.

Investigators must target users whose followers are more valuable than their followings because the former are the people who were actively added by the target of your investigation and there will be a reason for this addition.

This suggests that they are either investors in these accounts or know these people in real life or on another platform. This is how you think about uncovering hidden social relationships .

• Demonstration " How to unearth the hidden interpersonal relationships of the target person?" 》

This can also be useful for building an overview of a life pattern, for example, if they become aware of followers who share the exact same interests. You can even dig into more in-depth information about your target people on other websites and platforms by tracking this life pattern.

Do you still remember the case we talked about in the "Perfect Stealth" series about using Madonna to trick the target into taking the bait ? Review the Perfect Stealth series below:

• " How to Be Perfectly Stealth: Face Your Opponent—6 Principles (1) "
• " How to Be Perfectly Invisible: Tracker's Methods and Your Weaknesses (2) "
• " How to achieve perfect stealth: Think strategically (3) "
• " How to achieve perfect invisibility: technical value-added part—the simplest method of cloning (4) "
• " How to achieve perfect invisibility: Cleaning and inventory-important steps for information tampering (5) "
• " How to Be Perfectly Invisible: Exciting Psychological Tricks (6) "
• " How to achieve perfect stealth: sweep dangerous areas (7) "

In the example above, you can see that Howie Mandel only followed 18 accounts, and they all appear to be celebrity, or social media influencer accounts of some sort.

Followers——

A user's Followers list will contain a list of all users who follow the account.

Just like following, if you only have one computer and/or don't have a TikTok account, checking out that user's followers can be a daunting task.

Users with accounts and the mobile TikTok app can list a user's followers on their profile; there doesn't appear to be a direct way on the TikTok website.

Again, it is recommended to use the same third-party website that allows you to view a user’s follower list here . Please note that not all accounts will appear on this site.

The information provided by followers may not be as profitable as followers, but it is by no means useless.

Searching this list, paying particular attention to smaller and lesser-known accounts, can help find people the account owner knows in real life or on another platform , helping to narrow down their location. Commands to find other accounts becomes easier.

As you can see in the example above, the account has over 25 million followers, which means it’s not possible to simply comb through them one by one, or should you look for other areas to exploit.

like--

The total number of likes a user has received will be displayed on their profile, which is the total number of all likes given by other users on each video.

For investigative purposes, likes don't have much value other than to try to determine the establishment or legitimacy of the account. Having said that, if you want to see all the videos that your target users have liked, you can do so on the same third-party website mentioned above. It is possible to intuitively see the height and taste of the target person.

As you can see in the example above, the account has liked nearly 200 videos, but many of these videos are from different countries. However, the UK flag appears most frequently and may indicate that the account owner is from the UK. , or where you currently live.

It's also possible that the target account owner happens to be more interested in UK users' accounts and requires more verification information before committing.

Introduction——

This section is an area that allows users to provide a brief introduction about themselves, shown below, followers and likes.

Although users can cause fields to be left blank, the profile can be one of the most informative sections of a target user's profile to an investigator.

You can even find some very sensitive information after this , sometimes : other account names on other platforms, locations, real names, etc., and even someone will show intimacy after this, such as "I am ***'s husband".

As you can see in the example above, the user's Facebook name is listed in the profile section, along with a profile photo describing her Facebook account where you can find her on Facebook. Then use Facebook’s powerful intelligence mining capabilities to obtain more in-depth information.

• For example, " Search people, photos, videos, locations... Encyclopedia: New FB "Graph Search" alternative - especially highlighting defense "

video--

Videos are the backbone of the TikTok platform and are where social interaction occurs through likes and comments.

Users can post videos up to one minute long; giving researchers enough time to browse many videos without being staggered by the length of the video itself, as one might encounter on other platforms.

You can easily search the URL of each video in the source code , making it easy to download the video for later use without any third-party tools.

You can right-click and select "Inspect Element" and then search for "playwm" to find the video's URL, which will look like this. From there you can right-click on the video and select "Save Video As."

https://www.tiktok.com/node/video/playwm?id=6747120899637382402&_signature=x.khSAAgEB1bUV2rbziwZcf5IlAAJpO

The video also contains a sample that can be reverse-image searched to find it on other platforms - potentially linking a user's identity to it , or the sample can be downloaded for later investigation.

To find this baseline, repeat the same steps above to download the video, just search the source code for the URL after "poster=", it will look like this:

poster =” https://p16-tiktokcdcd-com.akamaized.net/obj/v0201/gm01rv34mr95askb9hmb0000a152070v0200001e05”

Some tips on video authenticity verification are reviewed as follows:

• " How to Conduct Open Source Intelligence Investigation and Information Verification on Videos: Recommended Useful Tools "
• " 10 Simple Tips to Quickly Verify the Authenticity of Popular Social Media Videos "
• " How do citizen journalists verify the authenticity of private explosive videos?" 》
• " Information Verification: How to Automatically Reverse Image Search YouTube and Vimeo Videos?" 》
• " When an emergency comes, how to collect comprehensive video information?" 》
• " Disinformation Identification Toolbox: How to Verify the Authenticity of Images and Videos?" 》

text--

When posting a video, users also have the option to add some text to the post.

This section can be used to provide more context about the video, and can often include location information, and/or the names or usernames of friends or other people who may be depicted in the video.

As you can see in the example above, "ioawastate" has been included in the text section, which provides a very narrow search.

Label--

Hashtags on TikTok work the same way as other social media platforms. Users can add tags to their videos, allowing you to quickly find other videos on the site with related topics or content.

You can search for the hashtag on the website by adding it to the end of the following link : https://www.tiktok.com/tag/

You can then see all posted public videos that share the same tag. This is useful for tracking events on a specific topic.

Tags may also provide clues to tracking people in the video or in the location where the video is located, such as in the example above, which shows many videos posted around Los Angeles.

Knowing the city, state, or country where the video was filmed can make it easier to find redirect locations, or narrow down the list of possible target people.

music--

Users can add music to their TikTok videos, and their information will appear below the video's text and tags. In most cases, the music information will include the artist and title.

Users can also post their own audio instead of using that music. Second example above, it displays "original sound-" followed by the user's unique ID.

If your target users seem to be very interested in a particular musician, then your content can help determine other narratives based on them.

Like the video——

The total number of likes and comments will appear above the comments section of the video, and this number may represent the popularity of the specific video posted.

For survey purposes, this is of little value unless you are trying to determine when a specific user became popular based on the average number of likes per video.

Also note that this is the total number of likes for that specific video only, not the total number of likes shown on the user's profile. This section is treated the same as the total "like" count.

Video comments——

Users can leave comments on the video, which may help further identify the user who originally posted the video.

You can view the profiles of individual users who frequently comment on that user's videos to see if they have leaked any location or identifying information. This is an extended trace.

The comments can even show more information about the video, such as someone asking where the video was filmed, like in the example above where there are multiple comments indicating that the video was filmed inside a Target store.

at last

Hopefully you are now ready to start your first TikTok survey, don’t forget the above points.

Don’t forget about the dedicated waiter TikTok’s survey tool, which you can see here . ⚪️