Social media for reconnaissance is a prime way for attackers and researchers. Social media websites like Twitter offer vast, searchable databases updated in real-time by millions of users, but it can be incredibly time-consuming to manually search data.
Twint is an OSINT crawler that can dig deep and meaningful information out of Twitter. Twitter also contains certain a combination of real data and sometimes junk. Tools like Twint allows you not only to dig data from usernames but also offers a lot of customization options for all your reconnaissance needs via Twitter.
Forms of Data on Twitter
Twitter can provide real-time information not available elsewhere. Twitter also offers personal insights and observations of employees, incidences, natural calamities, terrorism and even people in the right place at the right time.
You can expect to find the following kinds of information on Twitter:
Images
Phone numbers and personal details exchanged in public.
Photos and videos person, places, private infrastructures and products.
Images and videos from other people at events.
Source Statements for someone under investigation.
Company and employee details.
Geo Locations
Twint is an advanced Twitter scraping & OSINT tool written in Python that doesn’t use Twitter’s API, allowing you to scrape a user’s followers, following, Tweets and more while evading most API limitations.Twitter limits scrolls while browsing the user timeline. This means that with.Profile or with.Favorites you will be able to get ~3200 tweets which are the only limitation but this can be solved by using specific customization.
Twint also offers you to import your data in the form of CSV, text,JSON,SQLite,elastic search which is useful.
GitHub Link : – https://github.com/twintproject/twint
Requirements
Python 3.6
$ sudo apt-get update
$ sudo apt-get install python3.6
Go to pypi.org and search for these packages below in case you have any dependency missing after running the pip install.
aiohttp
aiodns
beautifulsoup4
cchardet
elasticsearch
pysocks
pandas (>=0.23.0)
aiohttp_socks
schedule
geopy
fake-useragent
How to install Twint ?
Twint is a Python library that can be scripted to perform more custom or complex actions.
Twint can be installed using the below methods
Using Git:
$sudo apt-get install git
$git clone https://github.com/twintproject/twint.git
$pip3 install -r requirements.txt
Using Pip:
pip3 install twint
or
pip3 install –user –upgrade -e git+https://github.com/twintproject/twint.git@origin/master#egg=twint
Once done just type twint -h for help options
Lets explore the options using real life examples
A few simple examples to help you understand the basics:
$twint -u username – Scrape all the Tweets from user’s timeline.
$twint -u realDonaldTrump
$twint -u username -s pineapple
Scrape all Tweets from the user’s timeline containing pineapple.
$twint -u realDonaldTrump -s ISIS
$twint -u username –year 2014
Collect Tweets that were tweeted before 2014.
$twint -u elonmusk –year 2019
Recent Tweets
$twint -u username –since 2015-12-20
Collect Tweets that were tweeted since 2015-12-20.
$twint -u Snowden –since 2019-01-01
Export metadata on your system
$twint -u username -o file.txt – Scrape Tweets and save to file.txt.
eg:
$twint -u CIA -s ISIS -o record.txt
$twint -u username -o file.csv –csv
Scrape Tweets and save as a csv file.
$twint -u CNN -s Korea -o Korea.txt
$twint -u UFOChronicles -s UFO -o ufo1.csv –csv
Historical Evidence
$twint -u ICC -s “world cup” –year 2018
$twint -u NASA -s aliens
Get Real time Data
$twint –to officialmcafee –since 2019-01-01 -s help -o mcafeecontacts –csv
$twint –verified -s “CIA” –near ‘New York’ –since 2019-02-17 –videos -o file.txt
Dive Deep with More Searches
$twint -u username –email –phone
Show Tweets that might have phone numbers or email addresses.
$twint -u verge –email –phone
Scrape Tweets from a radius of 1km around a place in New York City and export them to a csv file.
$twint -g=””40.7166638,-74.0,10km”,1km” -o file.csv –csv
Please note Twint only uses DD coordinates , DMS doesn’t work.
You can use the below websites to get coordinates
https://latitude.to/
https://www.latlong.net/
Get location based contents
$twint -u ArianaGrande –location –since 2019-2-10 –media
In case you would like to see all the followers of a username
$twint -u ArianaGrande –followers
Scrape a Twitter user’s followers.
$twint -u Cristiano –following
Scrape who a Twitter user follows.
$twint -u TeamMessi –favorites
Collect all the Tweets a user favorites
In case you would like to mine twitter usernames you can easily create a username file and import the same to csv or txt. Further more you can reverse engineer the thing and get access.
Reconnaissance is primarily the most important aspect of pen-testing. With the effective use of information gathering tools it becomes easier to gain significant amount of knowledge on the target. While testing Twint, I gained a lot of insights on politics, pollution,UFO and terrorism. Organizations can make an effective use of such awesome OSINT tools like Twint to approach targets.
I hope you enjoyed this guide using Twitter as a source of OSINT information with Twint. If you have any feedback or questions about this Twint tutorial, kindly please feel free to reach me out on Twitter @fallbeyond12
Project Nirvana 2030 