Skip to main content

Tinfoleak - Twitter Open Source Intelligence Tool


tinfoleak is an open-source tool within the OSINT (Open Source Intelligence) that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract great volumes of data and show useful and structured information to the intelligence analyst.

tinfoleak is included in several Linux Distros: Kali, CAINE, BlackArch and Buscador. It is currently the most comprehensive open-source tool for intelligence analysis on Twitter.


tinfoleak can extract the following information:
  1.     Account info / User Activity / Protected Accounts
  2.     Source Applications / User Devices / Use Frequency
  3.     Hashtags / Mentions / Likes
  4.     Text Analysis / Words Frequency / Media / Metadata
  5.     User Visited Places / User Routes / User Top Locations
  6.     Social Networks / Digital Identities
  7.     Geolocated Users / Tagged Users
  8.     Followers / Friends
  9.     Lists / Collections
  10.     Conversations
Installation
Install Python and dependencies:
sudo apt install python-pip python-dev build-essential python2.7-dev python-pyexiv2 python-openssl
sudo pip install --upgrade pip
sudo pip install --upgrade virtualenv
sudo pip install --upgrade tweepy
sudo pip install --upgrade pillow
sudo pip install --upgrade exifread
sudo pip install --upgrade jinja2
sudo pip install --upgrade oauth2
Download: https://github.com/vaguileradiaz/tinfoleak

Getting started

The first time you runs tinfoleak, you need to assign the OAuth settings.

    1. Edit “tinfoleak.conf”
        Use your favorite editor 😉
    2. Give value to these variables:
        CONSUMER_KEY
        CONSUMER_SECRET
        ACCESS_TOKEN
        ACCESS_TOKEN_SECRET
    3. How to obtain these values:
        https://developer.twitter.com/en/docs/basics/authentication/guides/access-tokens
    4. Save “tinfoleak.conf”
    5. Execute “tinfoleak.py”


Lets see video:




Comments

Popular posts from this blog

How To Enable DNS over HTTPS

  DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. On the basis of privacy and security, whether or not a superior protocol exists among the two is a matter of controversial debate, while others argue the merits of either depend on the specific use case. Benefits DoH improves privacy by hiding domain name lookups from someone lurking on public WiFi, your ISP, or anyone else on your local network. DoH, when enabled, ensures that your ISP cannot collect and sell personal information related to your br...

Fix HTTPS issue in browser - Burp Suite

If you get message "Software is Preventing Firefox From Safely Connecting to This Site. Most likely a safe site, but a secure connection could not be established. This issue is caused by The original certificate provided by the web server is untrusted., which is either software on your computer or your network." lets see the tutorial. 1. With Burp suite running, visit http://burp in your browser and click the "CA Certificate" link to download and save your Burp CA certificate. Remember where you save the Burp CA certificate.

The Five Eyes - Intelligence Alliance

 The Five Eyes intelligence alliance is a secretive coalition and surveillance arrangement of countries internationally which include the United States National Security Agency (NSA), Canada’s Communications Security Establishment Canada (CSEC), the United Kingdom’s Government Communications Headquarters (GCHQ), New Zealand’s Government Communications Security Bureau (GCSB) and the Australian Signals Directorate (ASD). A series of bilateral agreements were developed in the beginning of 1946 by an alliance of five English-speaking countries over a period of time and became to known as the UKUSA agreement. This agreement established the Five Eyes alliance to share intelligence especially signals intelligence (SIGINT). These five English-speaking countries for almost 70 years have been involved in the global surveillance spying on the communications all over the world and build an infrastructure to master the internet for surveillance.