SlideShare a Scribd company logo

OSINT using Twitter & Python

Download as PPTX, PDF
3
37point2

This document discusses using Twitter and Python for open-source intelligence (OSINT) gathering. It provides an overview of Twitter concepts and the Twitter API. It also demonstrates how to use the Python library Tweepy to access Twitter data and analyze tweets. Specific analyses demonstrated include visualizing hashtags, retweets, replies and interactions over time. The goal is to gather intelligence on individuals, groups, topics and markets from public Twitter data.

1 of 44
Downloaded 168 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
OSINT Footprinting Using Twitter and Python
Who am I?  Raymond Lilly  @37point2  Analyst at a Social Media/Customer Relations Management company  Senior, Eastern Michigan University  Information Assurance/Network Security
What are we talking about?  OSINT gathering methods  Research with implications in  Intelligence  Social Engineering  Marketing
Intelligence  What are people talking about?  Intel vs Counter Intel  Targeting concerns Individuals/Groups Geographic regions Time Topics
Social Engineering Leaking information  What do your co-workers/employees talk about during/after work?  IT talking about new tech deployments?  Any employees venting about internal issues?  C levels discussing personal hobbies/travel plans?
Marketing  Can you identify your customers?  What are they talking about?/What other interests do they have?  Can you profile them and use that to reach new potential customers?  Find new markets?  Reduce your customer assistance cost or increase customer satisfaction?
Fun Stuff  New Job info  What’s the corporate culture like?  Does the company embrace new tech/ideas or shun them?  Amplify the reach of your messages  Find organizations/groups that are interested in the same things you are
Key Twitter Concepts  Tweets – 140 characters  Following  Friends  Followers  Did you pick the user?
Followers A -> B
Friends B -> C
A -> B -> C
Twitter’s API  https://dev.twitter.com/docs/api  Authenticated vs. Unauthenticated  How hard is it to get OAuth Tokens?  REST  Streaming
Tweepy!  Python module for Twitter’s API  https://github.com/tweepy/tweepy/  Joshthecoder
GET status/user_timeline  Takes a user_id or screen_name  since_id  count  exclude_replies  include_rts  Tweepy.api.get_status(‘37point2’)
GET users/show  user_id/screen_name  include_entities  ^-- Awesome!  Tweepy.api.get_user(‘37point2’)
 "id": 286868576,  "id_str": "286868576",  "name": "37point2",  "screen_name": "37point2",  "location": "",  "description": "Information Assurance student at Eastern Michigan University. rnIntel Analysis, Data Viz, Incident Response",  "url": "http://www.linkedin.com/in/raymondlilly",  "protected": false,  "followers_count": 244,  "friends_count": 992,  "listed_count": 6,  "created_at": "Sat Apr 23 21:25:44 +0000 2011",  "utc_offset": -18000,  "time_zone": "Eastern Time (US & Canada)",
"description": "Information Assurance student at Eastern Michigan University. rnIntel Analysis, Data Viz, Incident Response",
OSINT using Twitter & Python
Method to the Madness  Information Needed/Gathered  Tools used  Visualization  Analysis
Echo Chamber  Last 1000 Tweets of everyone followed  Basic Word Count  Wordle.net
OSINT using Twitter & Python
Tweets per Day  Individual  Last 3200 Tweets  Community  Last 1000 Tweets (#infosec – May 18-21)  Plot Tweets over weekdays
OSINT using Twitter & Python
OSINT using Twitter & Python
Hashtags/Topics  Last 3200 Tweets  include_entities! #lazyhacker  include_rts  Google Visualization API  Hashtags & HashtagsWithRetweets
OSINT using Twitter & Python
OSINT using Twitter & Python
Retweets/Replies  Last 3200 Tweets  include_entities  include_rts!!!  Retweets  Replies  Best time for a response?
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
Interactions w/ Influence and Topics  Klout  BOO!!!  Changes algorithm daily  What is the algorithm? /shrug  Weights social media sites differently  Useful  Topics!!  Score used as guideline
Model  Last 3200 Tweets  Include all the things!  Add Klout score and topics
Formula for Influence  Klout^2 * interactions  50 vs 60  2500 vs 3600
Time to get interactive!
Clients  Last 3200 Tweets  Total Counts  Client usage over time
OSINT using Twitter & Python
More moving stuff!
Interactions & Topics  Last 3200 Tweets  include_entities  Maltego CaseFile  Community Edition
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
Interesting Tools  Tweetstats.com  Twopcharts  Klout  Kred  Socialmention  NetworkX
Contact Info  Raymond Lilly  @37point2  rlilly@emich.edu

More Related Content

PPTX
OSINT
Apurv Singh Gautam
 
PDF
Offensive OSINT
Christian Martorella
 
PPTX
Let’s hunt the target using OSINT
Chandrapal Badshah
 
PDF
Open Source Intelligence (OSINT)
festival ICT 2016
 
PDF
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 
PDF
Cyber threat intelligence ppt
Kumar Gaurav
 
PDF
Ethelhub - Introducción a OSINT
Carlos Crisóstomo Vals
 
PDF
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 
OSINT
Apurv Singh Gautam
 
Offensive OSINT
Christian Martorella
 
Let’s hunt the target using OSINT
Chandrapal Badshah
 
Open Source Intelligence (OSINT)
festival ICT 2016
 
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 
Cyber threat intelligence ppt
Kumar Gaurav
 
Ethelhub - Introducción a OSINT
Carlos Crisóstomo Vals
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 

What's hot (20)

PDF
OSINT y hacking con buscadores #Palabradehacker
Yolanda Corral
 
PPTX
Getting started with using the Dark Web for OSINT investigations
Olakanmi Oluwole
 
PDF
Cyber Threat Intelligence
ZaiffiEhsan
 
PDF
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
MITRE ATT&CK
 
PDF
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
MITRE ATT&CK
 
PPTX
Threat Hunting with Splunk
Splunk
 
PPTX
Role of Forensic Triage In Cyber Security Trends 2021
Amrit Chhetri
 
PDF
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
PDF
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
 
PDF
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
 
PDF
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
PDF
TA505: A Study of High End Big Game Hunting in 2020
MITRE - ATT&CKcon
 
PDF
OSINT- Leveraging data into intelligence
Deep Shankar Yadav
 
PDF
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
MITRE ATT&CK
 
PDF
Casos reales usando osint
QuantiKa14
 
PPTX
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Katie Nickels
 
PDF
OSINT x UCCU Workshop on Open Source Intelligence
Philippe Lin
 
PDF
OSINT 2.0 - Past, present and future
Christian Martorella
 
PDF
Open source intelligence information gathering (OSINT)
phexcom1
 
PDF
Hunting for Privilege Escalation in Windows Environment
Teymur Kheirkhabarov
 
OSINT y hacking con buscadores #Palabradehacker
Yolanda Corral
 
Getting started with using the Dark Web for OSINT investigations
Olakanmi Oluwole
 
Cyber Threat Intelligence
ZaiffiEhsan
 
ATT&CK Metaverse - Exploring the Limitations of Applying ATT&CK
MITRE ATT&CK
 
Would you Rather Have Telemetry into 2 Attacks or 20? An Insight Into Highly ...
MITRE ATT&CK
 
Threat Hunting with Splunk
Splunk
 
Role of Forensic Triage In Cyber Security Trends 2021
Amrit Chhetri
 
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
 
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
TA505: A Study of High End Big Game Hunting in 2020
MITRE - ATT&CKcon
 
OSINT- Leveraging data into intelligence
Deep Shankar Yadav
 
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...
MITRE ATT&CK
 
Casos reales usando osint
QuantiKa14
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Katie Nickels
 
OSINT x UCCU Workshop on Open Source Intelligence
Philippe Lin
 
OSINT 2.0 - Past, present and future
Christian Martorella
 
Open source intelligence information gathering (OSINT)
phexcom1
 
Hunting for Privilege Escalation in Windows Environment
Teymur Kheirkhabarov
 
Ad

Viewers also liked (13)

PPTX
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
PPTX
Blackmagic Open Source Intelligence OSINT
Sudhanshu Chauhan
 
PPTX
Tools for Open Source Intelligence (OSINT)
Sudhanshu Chauhan
 
PPTX
Jupyter Ascending: a practical hand guide to galactic scale, reproducible dat...
John Fonner
 
PDF
JupyterHub for Interactive Data Science Collaboration
Carol Willing
 
PDF
Jupyter, A Platform for Data Science at Scale
Matthias Bussonnier
 
PDF
Osint overview 26 mar 2015
Mats Björe
 
PPTX
D3 in Jupyter : PyData NYC 2015
Brian Coffey
 
PDF
Your first TensorFlow programming with Jupyter
Etsuji Nakai
 
PDF
What you need to know about OSINT
Jerod Brennen
 
PDF
OSINT for Attack and Defense
Andrew McNicol
 
PDF
Osint 2ool-kit-on the-go-bag-o-tradecraft
Steph Cliche
 
PDF
Jupyter Kernel: How to Speak in Another Language
Wey-Han Liaw
 
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
Blackmagic Open Source Intelligence OSINT
Sudhanshu Chauhan
 
Tools for Open Source Intelligence (OSINT)
Sudhanshu Chauhan
 
Jupyter Ascending: a practical hand guide to galactic scale, reproducible dat...
John Fonner
 
JupyterHub for Interactive Data Science Collaboration
Carol Willing
 
Jupyter, A Platform for Data Science at Scale
Matthias Bussonnier
 
Osint overview 26 mar 2015
Mats Björe
 
D3 in Jupyter : PyData NYC 2015
Brian Coffey
 
Your first TensorFlow programming with Jupyter
Etsuji Nakai
 
What you need to know about OSINT
Jerod Brennen
 
OSINT for Attack and Defense
Andrew McNicol
 
Osint 2ool-kit-on the-go-bag-o-tradecraft
Steph Cliche
 
Jupyter Kernel: How to Speak in Another Language
Wey-Han Liaw
 
Ad

Similar to OSINT using Twitter & Python (20)

PDF
Unleashing Twitter Data for Fun and Insight
Matthew Russell
 
PDF
Unleashing twitter data for fun and insight
Digital Reasoning
 
PPT
John Conroy
blogtalk
 
PPTX
Information Gathering Over Twitter
Brian Baskin
 
PDF
Sourcing with Social Media: Tips from a Corporate Sleuth by Sean Campbell
Reynolds Center for Business Journalism
 
PPTX
#twitter101
ampayton
 
PPTX
Twitter & Tweets
BARRY HAMMOND
 
PDF
IRJET- Review Analyser with Bot
IRJET Journal
 
PPT
Twitter
Ron Sin
 
PPTX
Social Media Data Collection & Analysis
Scott Sanders
 
PDF
The Art of Social Media Analysis with Twitter & Python-OSCON 2012
OSCON Byrum
 
PDF
The Art of Social Media Analysis with Twitter & Python
Krishna Sankar
 
PDF
Mining Social Web APIs with IPython Notebook (Strata 2013)
Matthew Russell
 
PPTX
How to start using Twitter
Albert Einstein Cancer Center
 
PPTX
Twitter_Sentiment_analysis.pptx
JOELFRANKLIN13
 
PDF
Twitter As Business Tool
Richard Meyer
 
KEY
TWIMPACT: Know your audience!
Matthias Jugel
 
PDF
Twitter 101 for Business
Renegade Business Solutions
 
PPT
Twitter for trainers webcast
Kella Price
 
PDF
Mining Social Web APIs with IPython Notebook (PyCon 2014)
Matthew Russell
 
Unleashing Twitter Data for Fun and Insight
Matthew Russell
 
Unleashing twitter data for fun and insight
Digital Reasoning
 
John Conroy
blogtalk
 
Information Gathering Over Twitter
Brian Baskin
 
Sourcing with Social Media: Tips from a Corporate Sleuth by Sean Campbell
Reynolds Center for Business Journalism
 
#twitter101
ampayton
 
Twitter & Tweets
BARRY HAMMOND
 
IRJET- Review Analyser with Bot
IRJET Journal
 
Twitter
Ron Sin
 
Social Media Data Collection & Analysis
Scott Sanders
 
The Art of Social Media Analysis with Twitter & Python-OSCON 2012
OSCON Byrum
 
The Art of Social Media Analysis with Twitter & Python
Krishna Sankar
 
Mining Social Web APIs with IPython Notebook (Strata 2013)
Matthew Russell
 
How to start using Twitter
Albert Einstein Cancer Center
 
Twitter_Sentiment_analysis.pptx
JOELFRANKLIN13
 
Twitter As Business Tool
Richard Meyer
 
TWIMPACT: Know your audience!
Matthias Jugel
 
Twitter 101 for Business
Renegade Business Solutions
 
Twitter for trainers webcast
Kella Price
 
Mining Social Web APIs with IPython Notebook (PyCon 2014)
Matthew Russell
 

OSINT using Twitter & Python

  • 2. Who am I?  Raymond Lilly  @37point2  Analyst at a Social Media/Customer Relations Management company  Senior, Eastern Michigan University  Information Assurance/Network Security
  • 3. What are we talking about?  OSINT gathering methods  Research with implications in  Intelligence  Social Engineering  Marketing
  • 4. Intelligence  What are people talking about?  Intel vs Counter Intel  Targeting concerns Individuals/Groups Geographic regions Time Topics
  • 5. Social Engineering Leaking information  What do your co-workers/employees talk about during/after work?  IT talking about new tech deployments?  Any employees venting about internal issues?  C levels discussing personal hobbies/travel plans?
  • 6. Marketing  Can you identify your customers?  What are they talking about?/What other interests do they have?  Can you profile them and use that to reach new potential customers?  Find new markets?  Reduce your customer assistance cost or increase customer satisfaction?
  • 7. Fun Stuff  New Job info  What’s the corporate culture like?  Does the company embrace new tech/ideas or shun them?  Amplify the reach of your messages  Find organizations/groups that are interested in the same things you are
  • 8. Key Twitter Concepts  Tweets – 140 characters  Following  Friends  Followers  Did you pick the user?
  • 9. Followers A -> B
  • 10. Friends B -> C
  • 11. A -> B -> C
  • 12. Twitter’s API  https://dev.twitter.com/docs/api  Authenticated vs. Unauthenticated  How hard is it to get OAuth Tokens?  REST  Streaming
  • 13. Tweepy!  Python module for Twitter’s API  https://github.com/tweepy/tweepy/  Joshthecoder
  • 14. GET status/user_timeline  Takes a user_id or screen_name  since_id  count  exclude_replies  include_rts  Tweepy.api.get_status(‘37point2’)
  • 15. GET users/show  user_id/screen_name  include_entities  ^-- Awesome!  Tweepy.api.get_user(‘37point2’)
  • 16. "id": 286868576,  "id_str": "286868576",  "name": "37point2",  "screen_name": "37point2",  "location": "",  "description": "Information Assurance student at Eastern Michigan University. rnIntel Analysis, Data Viz, Incident Response",  "url": "http://www.linkedin.com/in/raymondlilly",  "protected": false,  "followers_count": 244,  "friends_count": 992,  "listed_count": 6,  "created_at": "Sat Apr 23 21:25:44 +0000 2011",  "utc_offset": -18000,  "time_zone": "Eastern Time (US & Canada)",
  • 17. "description": "Information Assurance student at Eastern Michigan University. rnIntel Analysis, Data Viz, Incident Response",
  • 19. Method to the Madness  Information Needed/Gathered  Tools used  Visualization  Analysis
  • 20. Echo Chamber  Last 1000 Tweets of everyone followed  Basic Word Count  Wordle.net
  • 22. Tweets per Day  Individual  Last 3200 Tweets  Community  Last 1000 Tweets (#infosec – May 18-21)  Plot Tweets over weekdays
  • 25. Hashtags/Topics  Last 3200 Tweets  include_entities! #lazyhacker  include_rts  Google Visualization API  Hashtags & HashtagsWithRetweets
  • 28. Retweets/Replies  Last 3200 Tweets  include_entities  include_rts!!!  Retweets  Replies  Best time for a response?
  • 32. Interactions w/ Influence and Topics  Klout  BOO!!!  Changes algorithm daily  What is the algorithm? /shrug  Weights social media sites differently  Useful  Topics!!  Score used as guideline
  • 33. Model  Last 3200 Tweets  Include all the things!  Add Klout score and topics
  • 34. Formula for Influence  Klout^2 * interactions  50 vs 60  2500 vs 3600
  • 35. Time to get interactive!
  • 36. Clients  Last 3200 Tweets  Total Counts  Client usage over time
  • 39. Interactions & Topics  Last 3200 Tweets  include_entities  Maltego CaseFile  Community Edition
  • 43. Interesting Tools  Tweetstats.com  Twopcharts  Klout  Kred  Socialmention  NetworkX
  • 44. Contact Info  Raymond Lilly  @37point2  rlilly@emich.edu