tinfoleak is an open-source tool within the OSINT (Open Source Intelligence) that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract great volumes of data and show useful and structured information to the intelligence analyst.
tinfoleak is included in several Linux Distros: Kali, CAINE, BlackArch and Buscador. It is currently the most comprehensive open-source tool for intelligence analysis on Twitter.
tinfoleak can extract the following information:
- Account info / User Activity / Protected Accounts
- Source Applications / User Devices / Use Frequency
- Hashtags / Mentions / Likes
- Text Analysis / Words Frequency / Media / Metadata
- User Visited Places / User Routes / User Top Locations
- Social Networks / Digital Identities
- Geolocated Users / Tagged Users
- Followers / Friends
- Lists / Collections
- Conversations
Install Python and dependencies:
sudo apt install python-pip python-dev build-essential python2.7-dev python-pyexiv2 python-opensslDownload: https://github.com/vaguileradiaz/tinfoleak
sudo pip install --upgrade pip
sudo pip install --upgrade virtualenv
sudo pip install --upgrade tweepy
sudo pip install --upgrade pillow
sudo pip install --upgrade exifread
sudo pip install --upgrade jinja2
sudo pip install --upgrade oauth2
Getting started
The first time you runs tinfoleak, you need to assign the OAuth settings.
1. Edit “tinfoleak.conf”
Use your favorite editor 😉
2. Give value to these variables:
CONSUMER_KEY
CONSUMER_SECRET
ACCESS_TOKEN
ACCESS_TOKEN_SECRET
3. How to obtain these values:
https://developer.twitter.com/en/docs/basics/authentication/guides/access-tokens
4. Save “tinfoleak.conf”
5. Execute “tinfoleak.py”
Comments