TWOFI:- Twofi was written by Robin Wood at DigNinja. This tool can be used to grab the contents of the user’s or company’s Twitter feed. This tool allows the creation of a custom wordlist for cracking passwords, explains ethical hacking investigators.
For launching twofi
- Type twofi in the Linux terminal as shown below:-
- Before using twofi you must have a Twitter developer’s account and the Twitter API key
- If twofi is not installed, for downloading twofi type:
- git clone http://github.com/digininja/twofi
- The config file for twofi is /etc/twofi/twofi.yml as shown below:
==============OUTPUT SNIP===============
- Now we have to mention Twitter API key and secret in this twofi.yml file.
- To create the api keys go to http://apps.twitter.com and create a Twitter developer account.
- Enter the key which you have created from Twitter developer account in twofi.yml.
- After saving the API key, it will view something like this below:
For security reasons, the keys are marked red. The above key is only for testing purposes.
- Now type: twofi -c -u hack as shown below.
- In the above screenshot, the list can be used in creating the wordlist for attacking any account on twitter and other brute-force attacks.
Ethical hacking researcher of international institute of cyber security has found that hackers use these kinds of tools to create wordlists for breaking passwords and other attacks.
