OSINT FootprintingUsing Twitter and Python
Who am I?   Raymond Lilly   @37point2   Analyst at a Social Media/Customer Relations Management    company   Senior, E...
What are we talking about?   OSINT gathering methods   Research with implications in       Intelligence       Social E...
Intelligence   What are people talking about?   Intel vs Counter Intel   Targeting concerns          Individuals/Groups...
Social EngineeringLeaking information   What do your co-workers/employees talk about during/after    work?   IT talking ...
Marketing   Can you identify your customers?   What are they talking about?/What other interests do they    have?   Can...
Fun Stuff   New Job info         What’s the corporate culture like?         Does the company embrace new tech/ideas or ...
Key Twitter Concepts   Tweets – 140 characters   Following       Friends       Followers   Did you pick the user?
Followers       A -> B
Friends      B -> C
A -> B -> C
Twitter’s API   https://dev.twitter.com/docs/api   Authenticated vs. Unauthenticated       How hard is it to get OAuth ...
Tweepy!   Python module for Twitter’s API   https://github.com/tweepy/tweepy/   Joshthecoder
GET status/user_timeline   Takes a user_id or screen_name   since_id   count   exclude_replies   include_rts   Tweep...
GET users/show   user_id/screen_name   include_entities       ^-- Awesome!   Tweepy.api.get_user(‘37point2’)
   "id": 286868576,     "id_str": "286868576",     "name": "37point2",     "screen_name": "37point2",     "location":...
"description": "Information Assurancestudent at Eastern Michigan University.rnIntel Analysis, Data Viz, IncidentResponse",
Method to the Madness   Information Needed/Gathered   Tools used   Visualization   Analysis
Echo Chamber   Last 1000 Tweets of everyone followed   Basic Word Count   Wordle.net
Tweets per Day   Individual       Last 3200 Tweets   Community       Last 1000 Tweets (#infosec – May 18-21)   Plot T...
Hashtags/Topics   Last 3200 Tweets       include_entities! #lazyhacker       include_rts   Google Visualization API   ...
Retweets/Replies   Last 3200 Tweets       include_entities       include_rts!!!   Retweets   Replies   Best time for...
Interactions w/ Influence andTopics   Klout       BOO!!!           Changes algorithm daily           What is the algor...
Model   Last 3200 Tweets   Include all the things!   Add Klout score and topics
Formula for Influence   Klout^2 * interactions   50 vs 60   2500 vs 3600
Time to get interactive!
Clients   Last 3200 Tweets   Total Counts   Client usage over time
More moving stuff!
Interactions & Topics   Last 3200 Tweets   include_entities   Maltego CaseFile       Community Edition
Interesting Tools   Tweetstats.com   Twopcharts   Klout   Kred   Socialmention   NetworkX
Contact Info   Raymond Lilly   @37point2   rlilly@emich.edu
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
OSINT using Twitter & Python
Upcoming SlideShare
Loading in...5
×

OSINT using Twitter & Python

2,583

Published on

0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,583
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
104
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

OSINT using Twitter & Python

  1. 1. OSINT FootprintingUsing Twitter and Python
  2. 2. Who am I? Raymond Lilly @37point2 Analyst at a Social Media/Customer Relations Management company Senior, Eastern Michigan University Information Assurance/Network Security
  3. 3. What are we talking about? OSINT gathering methods Research with implications in  Intelligence  Social Engineering  Marketing
  4. 4. Intelligence What are people talking about? Intel vs Counter Intel Targeting concerns Individuals/Groups Geographic regions Time Topics
  5. 5. Social EngineeringLeaking information What do your co-workers/employees talk about during/after work? IT talking about new tech deployments? Any employees venting about internal issues? C levels discussing personal hobbies/travel plans?
  6. 6. Marketing Can you identify your customers? What are they talking about?/What other interests do they have? Can you profile them and use that to reach new potential customers? Find new markets? Reduce your customer assistance cost or increase customer satisfaction?
  7. 7. Fun Stuff New Job info  What’s the corporate culture like?  Does the company embrace new tech/ideas or shun them? Amplify the reach of your messages Find organizations/groups that are interested in the same things you are
  8. 8. Key Twitter Concepts Tweets – 140 characters Following  Friends  Followers Did you pick the user?
  9. 9. Followers A -> B
  10. 10. Friends B -> C
  11. 11. A -> B -> C
  12. 12. Twitter’s API https://dev.twitter.com/docs/api Authenticated vs. Unauthenticated  How hard is it to get OAuth Tokens? REST Streaming
  13. 13. Tweepy! Python module for Twitter’s API https://github.com/tweepy/tweepy/ Joshthecoder
  14. 14. GET status/user_timeline Takes a user_id or screen_name since_id count exclude_replies include_rts Tweepy.api.get_status(‘37point2’)
  15. 15. GET users/show user_id/screen_name include_entities  ^-- Awesome! Tweepy.api.get_user(‘37point2’)
  16. 16.  "id": 286868576, "id_str": "286868576", "name": "37point2", "screen_name": "37point2", "location": "", "description": "Information Assurance student at Eastern Michigan University. rnIntel Analysis, Data Viz, Incident Response", "url": "http://www.linkedin.com/in/raymondlilly", "protected": false, "followers_count": 244, "friends_count": 992, "listed_count": 6, "created_at": "Sat Apr 23 21:25:44 +0000 2011", "utc_offset": -18000, "time_zone": "Eastern Time (US & Canada)",
  17. 17. "description": "Information Assurancestudent at Eastern Michigan University.rnIntel Analysis, Data Viz, IncidentResponse",
  18. 18. Method to the Madness Information Needed/Gathered Tools used Visualization Analysis
  19. 19. Echo Chamber Last 1000 Tweets of everyone followed Basic Word Count Wordle.net
  20. 20. Tweets per Day Individual  Last 3200 Tweets Community  Last 1000 Tweets (#infosec – May 18-21) Plot Tweets over weekdays
  21. 21. Hashtags/Topics Last 3200 Tweets  include_entities! #lazyhacker  include_rts Google Visualization API  Hashtags & HashtagsWithRetweets
  22. 22. Retweets/Replies Last 3200 Tweets  include_entities  include_rts!!! Retweets Replies Best time for a response?
  23. 23. Interactions w/ Influence andTopics Klout  BOO!!!  Changes algorithm daily  What is the algorithm? /shrug  Weights social media sites differently  Useful  Topics!!  Score used as guideline
  24. 24. Model Last 3200 Tweets Include all the things! Add Klout score and topics
  25. 25. Formula for Influence Klout^2 * interactions 50 vs 60 2500 vs 3600
  26. 26. Time to get interactive!
  27. 27. Clients Last 3200 Tweets Total Counts Client usage over time
  28. 28. More moving stuff!
  29. 29. Interactions & Topics Last 3200 Tweets include_entities Maltego CaseFile  Community Edition
  30. 30. Interesting Tools Tweetstats.com Twopcharts Klout Kred Socialmention NetworkX
  31. 31. Contact Info Raymond Lilly @37point2 rlilly@emich.edu
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×