Extracting words from Twitter using Twofi

We can profile a person utilizing social media such as Facebook, Twitter, LinkedIn, and so on. Twitter words of interest (Twofi) is written in Ruby and utilizes the Twitter API to generate a custom list of words that can be utilized for offline password cracking.

In order to use Twofi, we must have a valid Twitter API key and API secret. The following screenshot displays how to utilize Twofi during the passive reconnaissance to form our custom password word list. In the following example we run twofi –m 6 –u @PacktPub> filename, which generates a list of custom words that was posted by the @PacktPub Twitter handle. Twofi will be more powerful during an individual targeted attack: