Twofi was written by Robin Wood at DigNinja. This tool can use to grab the contents of the user’s or company’s twitter feed. This tool allows to create custom wordlist for cracking passwords.
For launching twofi
- Type twofi in linux terminal as shown below:-
- Before using twofi you must have an twitter developer’s account and the twitter api key
- If twofi is not installed, for downloading twofi type:
- git clone http://github.com/digininja/twofi
- The config file for twofi is /etc/twofi/twofi.yml as shown below:
- Now we have to mention twitter API key and secret in this twofi.yml file.
- For creating the api keys go to http://apps.twitter.com and create twitter developer account.
- Enter key which you have created from twitter developer account in twofi.yml.
- After saving API key, it will view something like this below:
For security reasons the keys has marked red. The above key is only for testing purposes.
- Now type: twofi -c -u hack as shown below.
- In the above screenshot, the list can be used in creating the wordlist for attacking on any account in twitter and other bruteforce attacks.
Ethical hacking researcher of international institute of cyber security has found that hackers use these kinds of tools to create wordlist for breaking passwords and other attacks.