Twofi

Overview

Twofi is an OSINT (Open Source Intelligence) tool that harvests information from Twitter to generate custom wordlists for password cracking and social engineering attacks. It collects tweets, hashtags, user bios, and other metadata from target Twitter accounts and analyzes them to create relevant wordlists tailored to specific individuals or organizations. Twofi is particularly valuable for targeted penetration testing and social engineering assessments.

Twofi helps security professionals understand password patterns and preferences of targets by analyzing their publicly available social media information.

Installation

From Kali Linux Repository

sudo apt-get update
sudo apt-get install twofi

From Source

git clone https://github.com/pielco11/twofi.git
cd twofi
pip3 install -r requirements.txt

Docker Installation

docker run -it kalilinux/kali-rolling twofi -h

Manual Setup

# Clone repository
git clone https://github.com/pielco11/twofi.git
cd twofi

# Install dependencies
pip3 install tweepy requests
pip3 install beautifulsoup4

# Make executable
chmod +x twofi.py

Basic Usage

Command	Purpose
twofi -u USERNAME -o OUTPUT.txt	Harvest tweets from user
twofi -s SEARCH_TERM -o OUTPUT.txt	Search tweets by keyword
twofi -u USER1 -u USER2 -o OUTPUT.txt	Multiple users
twofi --help	Show all options

Twitter API Setup

Authentication Configuration

# Create Twitter API keys
# Visit: https://developer.twitter.com/

# Create file: ~/.twofi/config.py
mkdir -p ~/.twofi
cat > ~/.twofi/config.py << EOF
CONSUMER_KEY = "your_consumer_key"
CONSUMER_SECRET = "your_consumer_secret"
ACCESS_TOKEN = "your_access_token"
ACCESS_TOKEN_SECRET = "your_access_token_secret"
EOF

# Set permissions
chmod 600 ~/.twofi/config.py

API Rate Limiting

# Twitter API allows limited requests
# Twofi handles rate limiting automatically

# Check rate limit status
twofi --check-limits

# Use with delays
twofi -u target_user -o output.txt --delay 2

Single User Harvesting

Basic User Tweet Collection

# Harvest all tweets from user
twofi -u "elon_musk" -o elon_wordlist.txt

# Tweets collected and processed:
# [+] Tweets collected: 450
# [+] Unique words: 2,341
# [+] Wordlist generated: elon_wordlist.txt

User Bio and Metadata

# Extract user bio information
twofi -u "target_user" --include-bio -o output.txt

# Includes:
# - Bio description words
# - User location references
# - URL mentions
# - Follower/following names

Tweet Analysis Depth

# Collect only recent tweets (last 7 days)
twofi -u "target_user" --recent -o output.txt

# Collect extensive history
twofi -u "target_user" --max-tweets 3200 -o output.txt

# Specific date range
twofi -u "target_user" --since 2023-01-01 --until 2023-12-31 -o output.txt

Multiple User Harvesting

Batch User Analysis

# Create user list file
cat > targets.txt << EOF
user1
user2
user3
user4
user5
EOF

# Harvest from multiple users
twofi -u targets.txt -o combined_wordlist.txt

# Merge wordlists
twofi -u user1 -o user1.txt &
twofi -u user2 -o user2.txt &
twofi -u user3 -o user3.txt &
wait

cat user1.txt user2.txt user3.txt | sort -u > merged.txt

Organization Analysis

# Analyze team members
employees="ceo cto cfo vp_sales engineering_lead"

for emp in $employees; do
    twofi -u "@company_$emp" -o "emp_$emp.txt"
done

# Merge all employee data
cat emp_*.txt | sort -u > company_wordlist.txt

Keyword and Hashtag Searching

Hashtag Analysis

# Search by hashtag
twofi -s "#CompanyName" -o hashtag_wordlist.txt

# Multiple hashtags
twofi -s "#CompanyName OR #OfficialHandle OR #ProductName" -o hashtags.txt

# Trending topic harvesting
twofi -s "python programming security" -o trending.txt

Domain-Specific Searches

# Industry/vertical specific
twofi -s "fintech startup cybersecurity" -o fintech.txt

# Company-related tweets
twofi -s "@CompanyHandle OR from:@CompanyHandle" -o company.txt

# Event-based
twofi -s "#DefCon2024 OR #BlackHat2024" -o conference.txt

Advanced Search Operators

# Tweets mentioning password/security
twofi -s "password OR authentication OR security" -o security.txt

# Recent tweets from influential accounts
twofi -s "cybersecurity min_faves:100" -o influential.txt

# Tweets in specific language
twofi -s "security lang:en" -o english.txt

# From verified accounts
twofi -s "security filter:verified" -o verified.txt

Wordlist Generation and Processing

Output Options

# Basic wordlist
twofi -u "target_user" -o wordlist.txt

# Include statistics
twofi -u "target_user" -o wordlist.txt --stats

# Frequency-sorted wordlist
twofi -u "target_user" -o wordlist.txt --frequency

# Unique words only
twofi -u "target_user" -o wordlist.txt --unique

Post-Processing Wordlists

# Remove duplicates
sort wordlist.txt | uniq > wordlist_clean.txt

# Sort by frequency
sort wordlist.txt | uniq -c | sort -rn > frequency.txt

# Extract only words of specific length
grep -E '^.{8,12}$' wordlist.txt > 8_12_char.txt

# Remove common words
grep -v -i -f common.txt wordlist.txt > filtered.txt

Advanced Analysis Techniques

Semantic Analysis

# Analyze tweet content themes
twofi -u "target_user" --analyze-sentiment -o sentiment.txt

# Extract named entities
twofi -u "target_user" --extract-entities -o entities.txt

# Topics mentioned
twofi -u "target_user" --topics -o topics.txt

User Network Analysis

# Collect mentions of other users
twofi -u "target_user" --include-mentions -o mentions.txt

# Analyze followers
twofi -u "target_user" --followers -o followers.txt

# Following list analysis
twofi -u "target_user" --following -o following.txt

Temporal Analysis

# Tweets by time period
twofi -u "target_user" --timeline -o timeline.txt

# Peak activity times
twofi -u "target_user" --activity-hours -o activity.txt

# Seasonal patterns
twofi -u "target_user" --monthly -o monthly_breakdown.txt

Integration with Password Cracking

Wordlist for Hashcat

# Generate Twofi wordlist
twofi -u "target_user" -o twofi_wordlist.txt

# Use with hashcat
hashcat -m 1000 -a 0 hashes.txt twofi_wordlist.txt

# Apply rules to expand wordlist
hashcat -r rules/best64.rule twofi_wordlist.txt > expanded.txt

Wordlist for John the Ripper

# Generate wordlist
twofi -u "target_user" -o twofi_wordlist.txt

# Use with John
john --wordlist=twofi_wordlist.txt --rules=single hashes.txt

# Combine with other wordlists
cat twofi_wordlist.txt rockyou.txt | sort -u > combined.txt
john --wordlist=combined.txt hashes.txt

Wordlist for Hydra

# Generate wordlist
twofi -u "target_user" -o twofi_wordlist.txt

# SSH brute force with custom wordlist
hydra -l username -P twofi_wordlist.txt ssh://target.com

# Web form attack
hydra -l username -P twofi_wordlist.txt http-post-form \
  "/login:user=^USER^&pass=^PASS^:F=Login failed"

Intelligence Gathering

Personal Information Extraction

# Locations mentioned
grep -i "from\|live\|based" wordlist.txt

# Companies mentioned
grep -i "work\|company\|team" wordlist.txt

# Interests and hobbies
grep -i "love\|like\|enjoy\|hobby" wordlist.txt

# Family references
grep -i "son\|daughter\|wife\|family" wordlist.txt

Pattern Recognition

# Common password patterns
# - Child's name + birth year
# - Pet name + numbers
# - Company name + year
# - Sports teams
# - Movie/book references

# Extract numbers frequently used
grep -oE '[0-9]+' wordlist.txt | sort | uniq -c | sort -rn

# Common name combinations
grep -E '(john|mary|james|patricia)' wordlist.txt -i

Wordlist Mutation and Enhancement

Password Generation Rules

# Apply common mutations
sed 's/$/1/g' twofi_wordlist.txt > mutations.txt  # Append 1
sed 's/$/!/g' twofi_wordlist.txt >> mutations.txt  # Append !
sed 's/^/Mr /g' twofi_wordlist.txt >> mutations.txt  # Prepend Mr

# Capitalize first letter
sed 's/\b\(.\)/\u\1/g' twofi_wordlist.txt > capitalized.txt

# Leet speak conversion
sed 's/a/@/g; s/e/3/g; s/i/1/g; s/o/0/g; s/t/7/g' twofi_wordlist.txt > leet.txt

Custom Rule Files

# Create hashcat rule file
cat > twitter_rules.rule << EOF
$1
$!
c
$2
$3
$0
EOF

# Apply rules
hashcat --stdout -r twitter_rules.rule twofi_wordlist.txt > expanded.txt

Privacy and Ethical Considerations

Responsible Collection

# Public data only
# Twofi only collects publicly available tweets

# Respect rate limits
# Automatic rate limit handling

# Attribution
# Document data sources for reports

Legal Compliance

# Twitter Terms of Service
# - No commercial use without permission
# - No scraping private data
# - Credit original tweets if republished

# Data Protection
# - Store collected data securely
# - Limit access to authorized personnel
# - Delete data when assessment completes

Advanced Scenarios

Scenario 1: Employee Assessment

# Collect employee tweets
twofi -u "employee1" -u "employee2" -u "employee3" -o employee_wordlist.txt

# Add company name and variations
echo "CompanyName" >> employee_wordlist.txt
echo "company2024" >> employee_wordlist.txt

# Use for password cracking
hashcat -m 1000 -a 0 ntlm_hashes.txt employee_wordlist.txt

Scenario 2: Targeted Phishing Wordlist

# Collect CEO's tweets
twofi -u "ceo_account" --include-bio -o ceo_wordlist.txt

# Collect company tweets
twofi -s "@CompanyName" -o company_wordlist.txt

# Merge for phishing content
cat ceo_wordlist.txt company_wordlist.txt | sort -u > phishing_content.txt

Scenario 3: Competitive Analysis

# Collect competitor tweets
twofi -u competitor1 -u competitor2 -u competitor3 -o competitors.txt

# Industry hashtags
twofi -s "#industryname" -o industry.txt

# Combined analysis
cat competitors.txt industry.txt | sort | uniq -c | sort -rn > trends.txt

Troubleshooting

Common Issues

Issue	Solution
API authentication fails	Verify API keys in config, check Twitter developer account status
Rate limit exceeded	Wait for reset (15 minutes), use —delay option
No results returned	Check username spelling, account may be private/deleted
Empty wordlist	Increase max tweets, check search operators syntax
Slow processing	Normal for large accounts, be patient with rate limits

Debug Mode

# Verbose output
twofi -u "target" -o output.txt -v

# Show all API calls
twofi -u "target" -o output.txt --debug

# Log to file
twofi -u "target" -o output.txt --log debug.log

Performance Optimization

Collection Strategies

# Parallel user collection
twofi -u user1 -o user1.txt &
twofi -u user2 -o user2.txt &
twofi -u user3 -o user3.txt &
wait

# Merge results
cat user*.txt | sort -u > merged.txt

Resources

• Twofi GitHub: https://github.com/pielco11/twofi
• Twitter API Docs: https://developer.twitter.com/
• OSINT Techniques: https://www.maltego.com/
• Wordlist Documentation: https://github.com/danielmiessler/SecLists
• Twitter Advanced Search: https://twitter.com/search-advanced

Twofi is a powerful OSINT tool for generating targeted wordlists from public Twitter data, making it invaluable for social engineering assessments, password cracking optimization, and comprehensive intelligence gathering during authorized security testing.