Intelligence Gathering
Over Twitter
Brian Baskin
Jan 2012
Who Am I?
• Computer Forensic Examiner – DC3 / DCFL
• Senior Consultant – cmdLabs
• Published author/coauthor of some books
Overview
• Basics of Twitter
• Search Capabilities
• Dissecting the Tweet
• Long-term Archiving
• Link Analysis
What is Twitter
• Micro-blogging site
– 140-character short messages
– Twitter : Facebook : SMS : Email
– Began in 2006 but already has 200mil users*
– As of June 2010: 65m tweets/day, 750 tweets/second
– Open design allows access from web or client
* http://www.pcmag.com/article2/0,2817,2371826,00.asp
Twitter Clock
Twitter Clock (2011)
Tweet Philosophy
• Celebrity-driven approach
– Anyone can follow anyone
– Focus for many is on collecting followers
– One-way relationships instead of two-way (Facebook/MySpace)
• You can follow me, but I don’t have to follow you
• Users follow others that interest them
– Tweets made by others appear in your “timeline”
Who Uses It
• 13% of Online Americans use Twitter*
– Up from 8% a year ago
– Most between ages of 18-29
– Ethnicity favored to Black and Hispanic
– Urban environments more than suburban/rural
– Biggest user base: young urban minorities
– Large communities around any topic
*http://www.pewinternet.org/~/media/Files/Reports/2011/Twitter%20Update%202011.pdf
Comms Channel
• Widely used as a communications channel when others
fail (or are censored)
– Iran – 2009 – Protests over election results
• Twitter to take down site for maintenance
• US State Department prompted Twitter to hold off
– Egypt – January 2011
• Protests to overthrow 30-year President and instill democracy
Comms Channel
• Used extensively by Anonymous and Occupy
movements
Tweets and Replies
• Tweets appear in your
public timeline
• Only shows broadcast
tweets or replies to
others you follow
• Will not include normal
messages from people
you do not follow
Mentions
• When someone tweets your
name preceded by @
• If you follow them, shows in
timeline
• Otherwise, have to check
‘@Mentions’
Retweets
• Repeating someone’s
message to all of your
followers
• Old and New Styles
– Old: Manually add “RT” or “via”
– New: Automatic
Yes, The World Can See It
Protected Accounts
• Not viewable by public
• Users have to request permission to follow you
• Only users allowed to follow you can see your
tweets
• @Mentions only show up to followers
• Tweets do not appear in search
Direct Messages
• Private messages sent between two users
• ‘D [or DM] User Message’
• Receiver must follow the sender
– Possible for uni-directional DMs if both parties don’t follow
each other
• Message sent through Twitter and email
• DM Fails*
*http://thenextweb.com/socialmedia/2010/08/05/has-twitter-employees-dm-fail-confirmed-shoutout-feature/
Notifications
• Users get email notifications when receiving:
– New followers
– Direct Messages
– Often delayed
– Not consistent
– TweetDeck better
Favorites
• Users can star a tweet to
save it as a favorite
• Anyone can view
someone else’s favorite
list
twitter.com/<user>/favorites
Hash Tags
• Popular way of grouping tweets
• Simplifies searching
• #Keyword
– #CyberCrime2012
– #FF (Follow Friday)
– #DFIR
– #TheWalkingDead
Moving on…
• Now that we got the basics out of the way…
Search Capabilities
• http[s]://search.twitter.com
Search Limitations
• Only search tweets up to about two weeks old
• API limits on how many results you can retrieve at one
time
– Law enforcement request to Twitter can whitelist an
LE account to near unlimited results
• Very unreliable
Google Search
• Google used to provide immediate Twitter search
results
• Results can span back multiple years
• Service died at the start of Google Plus
Anatomy of a Tweet
Anatomy of a Tweet
{"in_reply_to_status_id_str":"57454830603616256",
"text":"@bbaskin That is an awesome site!","contributors":null,
"retweeted":false,"in_reply_to_user_id_str":"17442948",
"id_str":"57476924934590464",
"entities":{"hashtags":[],"urls":[],"user_mentions":[{
"screen_name":"bbaskin","indices":[0,8],"id_str":"17442948",
"name":"Brian Baskin","id":17442948}]},
"place":null,"coordinates":null,"source":"web","geo":null,
"truncated":false,"created_at":"Mon Apr 11 16:15:41 +0000 2011",
"in_reply_to_user_id":17442948,
"in_reply_to_status_id":57454830603616256,"favorited":false,
"user":{"time_zone":null,"profile_text_color":"333333","url":null,
"screen_name":"LLRurik","profile_sidebar_fill_color":"DDEEF6",
"description":"The Other Me.","id_str":"134196003",
"show_all_inline_media":false,"follow_request_sent":false,"lang":"en",
"geo_enabled":false,"profile_background_tile":false,
"location":"Maryland","contributors_enabled":false,
"profile_link_color":"0084B4","is_translator":false,"statuses_count":1,
"profile_sidebar_border_color":"C0DEED","followers_count":1,
"default_profile":true,"listed_count":2,
"created_at":"Sat Apr 17 18:26:02 +0000 2010","following":false,
"notifications":false,"profile_use_background_image":true,
"friends_count":2,"protected":false,"verified":false,
"profile_background_color":"C0DEED","name":"Rurik",
"profile_background_image_url":"http://a3.twimg.com/a/1302214109/images/themes/theme1/bg.png",
"favourites_count":0,
"profile_image_url":"http://a3.twimg.com/profile_images/830973443/Rurik-avatarpic-l_normal.png",
"id":134196003,"default_profile_image":false,"utc_offset":null},
"retweet_count":0,"id":57476924934590464,
"in_reply_to_screen_name":"bbaskin"}
{"in_reply_to_status_id_str":"57454830603616256",
"text":"@bbaskin That is an awesome site!",
"in_reply_to_user_id_str":"17442948",
"id_str":"57476924934590464",
"entities":{"hashtags":[],"urls":[],"user_mentions":[{
"screen_name":"bbaskin","indices":[0,8],"id_str":"17442948",
"name":"Brian Baskin","id":17442948}]},
"created_at":"Mon Apr 11 16:15:41 +0000 2011",
"user":{
"time_zone":null,
"url":null,
"screen_name":"LLRurik",
"description":"The Other Me.",
"id_str":"134196003",
"location":"Maryland",
"created_at":"Sat Apr 17 18:26:02 +0000 2010",
"protected":false,
"name":"LLRurik",
"profile_image_url":"http://a3.twimg.com/profile_images/830973443/LLRurik-avatarpic-l_normal.png"
}}
Anatomy Excerpts
Twitter Account Creation
• Gives date when any account was created
– Chrome plugin (old Twitter only)
• https://chrome.google.com/extensions/detail/pfpkfkhhigghmggnhfjdfjiihmeancof?hl=en
– http://www.whendidyoujointwitter.com/
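The fields called out in the tweet anatomy and account-creation slides can be pulled from an archived tweet in a few lines. The following is an added example, not code from the presentation; the sample input is a trimmed copy of the tweet shown above, and the function and key names in the result are illustrative choices.

```python
import json
from datetime import datetime, timezone

# Trimmed copy of the reply tweet shown on the slides, used as sample input.
SAMPLE_TWEET = """
{"in_reply_to_status_id_str": "57454830603616256",
 "text": "@bbaskin That is an awesome site!",
 "in_reply_to_user_id_str": "17442948",
 "id_str": "57476924934590464",
 "entities": {"hashtags": [], "urls": [], "user_mentions": [
   {"screen_name": "bbaskin", "indices": [0, 8], "id_str": "17442948",
    "name": "Brian Baskin", "id": 17442948}]},
 "created_at": "Mon Apr 11 16:15:41 +0000 2011",
 "user": {"screen_name": "LLRurik", "id_str": "134196003",
          "location": "Maryland", "protected": false,
          "created_at": "Sat Apr 17 18:26:02 +0000 2010"}}
"""

# Layout of created_at, e.g. "Mon Apr 11 16:15:41 +0000 2011".
TWITTER_TIME = "%a %b %d %H:%M:%S %z %Y"


def parse_time(value):
    """Convert a Twitter created_at string to an aware UTC datetime."""
    return datetime.strptime(value, TWITTER_TIME).astimezone(timezone.utc)


def triage_tweet(raw_json):
    """Extract the examiner-relevant fields from one archived tweet object."""
    tweet = json.loads(raw_json)
    user = tweet["user"]
    posted = parse_time(tweet["created_at"])
    joined = parse_time(user["created_at"])
    reply_user = tweet.get("in_reply_to_user_id_str")

    edges, mismatches = [], []
    for mention in tweet.get("entities", {}).get("user_mentions", []):
        # A mention of the account being answered is a reply edge; any
        # other mention is a plain mention edge for later link analysis.
        kind = "reply" if mention["id_str"] == reply_user else "mention"
        edges.append((user["screen_name"], mention["screen_name"], kind))
        # Integrity check: the entity offsets should point at "@name" in
        # the text. A mismatch suggests the record was edited or re-encoded.
        start, end = mention["indices"]
        expected = "@" + mention["screen_name"].lower()
        if tweet["text"][start:end].lower() != expected:
            mismatches.append(mention["screen_name"])

    return {
        # Use the *_str fields: tweet IDs are 64-bit integers and can lose
        # precision in JSON parsers that store numbers as doubles.
        "tweet_id": tweet["id_str"],
        "author": user["screen_name"],
        "author_id": user["id_str"],
        "posted_utc": posted.isoformat(),
        "account_created_utc": joined.isoformat(),
        "account_age_days": (posted - joined).days,
        "reply_to_status": tweet.get("in_reply_to_status_id_str"),
        "protected": user.get("protected"),
        "edges": edges,
        "index_mismatches": mismatches,
    }


if __name__ == "__main__":
    print(json.dumps(triage_tweet(SAMPLE_TWEET), indent=2))
```
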
TweetDeck
TweetDeck Forensics
• %AppData%\Tweetdeck.<xyz>\Local Store\
td_26_<username>.db (SQLite Database)
– ‘friends’ – Details on all accounts the user follows
• Twitter User #, Name, Screen Name, URL to profile image
• fUserID (Twitter User #) can show relative age of accounts
• Includes accounts that even no longer exist
– ‘columns’ – What columns are currently shown to client
– ‘lists’ – Lists the user manages
• Name, public/private, URL, # of members, description
TweetDeck Forensics
• %AppData%\Tweetdeck.<xyz>\Local Store\
preferences_<username>.xml
– Recently used hash tags:
<hashtags hash0="#FF" hash1="#RallyForSanity"
hash2="#CyberCrime2012" hash3="#DEFCON"
hash4="#OWS" hash5="#stuxnet" />
– Email service:
<email service="0"
url="https://mail.google.com/mail/"/>
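The two preference elements above can be extracted from a recovered preferences file as follows. This is an added example, not part of the presentation; the `<preferences>` wrapper element in the sample is constructed for the example (the slides show only the two child elements), so the parser searches by element name rather than relying on the root.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the two elements from the slide inside an assumed root.
SAMPLE_PREFS = """<preferences>
  <hashtags hash0="#FF" hash1="#RallyForSanity"
            hash2="#CyberCrime2012" hash3="#DEFCON"
            hash4="#OWS" hash5="#stuxnet" />
  <email service="0"
         url="https://mail.google.com/mail/"/>
</preferences>"""

_SLOT = re.compile(r"hash(\d+)$")


def parse_preferences(xml_text):
    """Return the hashtag slots (in slot order) and the e-mail setting."""
    # Evidence files are untrusted input. This file type has no reason to
    # carry a DTD, so refuse one instead of letting the parser expand it.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD/entity declaration in preferences")
    root = ET.fromstring(xml_text)

    slots = {}
    for node in root.iter("hashtags"):
        for attr, value in node.attrib.items():
            match = _SLOT.match(attr)
            if match:  # ignore attributes that are not hashN slots
                slots[int(match.group(1))] = value

    email = next(root.iter("email"), None)
    return {
        # Sort by slot number so hash10 follows hash9, not hash1.
        "hashtags": [slots[i] for i in sorted(slots)],
        "email_service": email.get("service") if email is not None else None,
        "email_url": email.get("url") if email is not None else None,
    }


if __name__ == "__main__":
    print(parse_preferences(SAMPLE_PREFS))
```
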
Application Cached Data
• Applications cache tweets upon download
– If a tweet is deleted a cached copy may still exist in
third-party application
– Possible for message to be read/repeated even after
being deleted at its source
– Forensic Caching:
• Archivist (http://visitmix.com/labs/archivist-desktop/)
• Twinbox – Saves all tweets to Outlook inbox
Tweet Scraping
• Tools to automatically collect and save
relevant tweets
– Archivist (http://visitmix.com/labs/archivist-desktop/)
– Twinbox – Saves all tweets to Outlook inbox
– Twitter Archive Google Spreadsheet (TAGS) - http://mashe.hawksey.info/2012/01/twitter-archive-tagsv3/
URL Shorteners
• Due to size limitation of tweets, URL
shorteners are commonplace
– Vector of attack
– Most offer preview capability:
• http://bit.ly/gAhOlo+
• http://preview.tinyurl.com/62j4zla
– http://resolves.me – Universal URL Previewer
Tweet Longer
• Due to size limitation of tweets, message
extension services are also somewhat
common.
– TwitLonger hosts extended posts
– Hosts on TwitLonger.com
– Uses tl.gd domain
Media Hosting
• Twitter is limited to just text
content. Media services provide
image / video hosting
– Images: yFrog, TwitPic, Flickr
– Video: TwitVid, Twiddeo, Twitc
• If tweet is removed media
remains
• EXIF data remains to be exploited
– iCanStalkU.com
Janis Krums
Media Hosting
• TwitCaps.com
– Searches all Twitter media sites
– Results are often NSFW
Social Network Mapping
• NodeXL
– Free mapping
tool for
Microsoft Excel
nodexl.codeplex.com
Currently at 1.0.1.196
Marc Smith
NodeXL Associations
NodeXL #CyberCrime2012
D3.js Visualization
D3 Twitter
Community Visualizer
Maltego
• Professional data analysis tool
• “Social Networking Special Ops” - Chris
Sumner (Suggy) at BlackHat
http://www.securityg33k.com/blog/?p=180
• Mining data from a
Twitter scavenger hunt
Take Away Notes
• Following someone does not show the entirety of
their communications
• Targets are notified if you follow/favorite them
• Twitter’s search is very impaired
• Information spreads beyond core-Twitter site
• Follow early and archive tweets using third-party
tools for later analysis
• Use Link-Analysis to find outliers
Contact Us:
e-mail: contact@cmdlabs.com
p: 443.451.7330
www.cmdlabs.com
1101 E. 33rd Street, Suite C301
Baltimore, MD 21218
Brian Baskin

Information Gathering Over Twitter

  • 2. Who Am I? • Computer Forensic Examiner – DC3 / DCFL • Senior Consultant – cmdLabs • Published author/coauthor of some books
  • 3. Overview • Basics of Twitter • Search Capabilities • Dissecting the Tweet • Long-term Archiving • Link Analysis
  • 4. What is Twitter • Micro-blogging site – 140-character short messages – Twitter : Facebook : SMS : Email – Began in 2006 but already has 200mil users* – As of June 2010: 65m tweets/day, 750 tweets/second – Open design allows access from web or client * http://www.pcmag.com/article2/0,2817,2371826,00.asp
  • 7. Tweet Philosophy • Celebrity-driven approach – Anyone can follow anyone – Focus for many is on collecting followers – One-way relationships instead of two-way (FaceBook/MySpace) • You can follow me, but I don’t have to follow you • Users follow others that interest them – Tweets made by others appear in your “timeline”
  • 8. Who Uses It • 13% of Online Americans use Twitter* – Up from 8% a year ago – Most between ages of 18-29 – Ethnicity favored to Black and Hispanic – Urban environments more than suburban/rural – Biggest user base: young urban minorities – Large communities around any topic * http://www.pewinternet.org/~/media/Files/Reports/2011/Twitter%20Update%202011.pdf
  • 9. Comms Channel • Widely used as a communications channel when others fail (or are censored) – Iran – 2009 – Protests over election results • Twitter to take down site for maintenance • US State Department prompted Twitter to hold-off – Egypt – January 2011 • Protests to overthrow 30-year President and instill democracy
  • 10. Comms Channel • Used extensively by Anonymous and Occupy movements
  • 11. Tweets and Replies • Tweets appear in your public timeline • Only shows broadcast tweets or replies to others you follow • Will not include normal messages from people you do not follow
  • 12. Mentions • When someone tweets your name preceded by @ • If you follow them, shows in timeline • Otherwise, have to check ‘@Mentions’
  • 13. Retweets • Repeating someone’s message to all of your followers • Old and New Styles – Old: Manually add “RT” or “via” – New: Automatic
  • 14. Yes, The World Can See It
  • 15. Protected Accounts • Not viewable by public • Users have to request permission to follow you • Only users allowed to follow you can see your tweets • @Mentions only show up to followers • Tweets do not appear in search
  • 16. Direct Messages • Private messages sent between two users • ‘D [or DM] User Message’ • Receiver must follow the sender – Possible for uni-directional DMs if both parties don’t follow each other • Message sent through Twitter and email • DM Fails* * http://thenextweb.com/socialmedia/2010/08/05/has-twitter-employees-dm-fail-confirmed-shoutout-feature/
  • 17. Notifications • Users get email notifications when receiving: – New followers – Direct Messages – Often delayed – Not consistent – TweetDeck better
  • 18. Favorites • Users can star a tweet to save it as a favorite • Anyone can view someone else’s favorite list twitter.com/<user>/favorites
  • 19. Hash Tags • Popular way of grouping tweets • Simplifies searching • #Keyword – #CyberCrime2012 – #FF (Follow Friday) – #DFIR – #TheWalkingDead
  • 20. Moving on… • Now that we got the basics out of the way…
  • 22. Search Limitations • Only search tweets up to about two weeks old • API limits on how many results you can retrieve at one time – Law enforcement request to Twitter can whitelist an LE account to near unlimited results • Very unreliable
  • 23. Google Search • Google used to provide immediate Twitter search results • Results can span back multiple years • Service died at the start of Google Plus
  • 24. Anatomy of a Tweet
  • 25. Anatomy of a Tweet
  • 27. {"in_reply_to_status_id_str":"57454830603616256","text":"@bbaskin That is an awesome site!","contributors":null,"retweeted":false,"in_reply_to_user_id_str":"17442948","id_str":"57476924934590464","entities":{"hashtags":[],"urls":[],"user_mentions":[{"screen_name":"bbaskin","indices":[0,8],"id_str":"17442948","name":"Brian Baskin","id":17442948}]},"place":null,"coordinates":null,"source":"web","geo":null,"truncated":false,"created_at":"Mon Apr 11 16:15:41 +0000 2011","in_reply_to_user_id":17442948,"in_reply_to_status_id":57454830603616256,"favorited":false,"user":{"time_zone":null,"profile_text_color":"333333","url":null,"screen_name":"LLRurik","profile_sidebar_fill_color":"DDEEF6","description":"The Other Me.","id_str":"134196003","show_all_inline_media":false,"follow_request_sent":false,"lang":"en","geo_enabled":false,"profile_background_tile":false,"location":"Maryland","contributors_enabled":false,"profile_link_color":"0084B4","is_translator":false,"statuses_count":1,"profile_sidebar_border_color":"C0DEED","followers_count":1,"default_profile":true,"listed_count":2,"created_at":"Sat Apr 17 18:26:02 +0000 2010","following":false,"notifications":false,"profile_use_background_image":true,"friends_count":2,"protected":false,"verified":false,"profile_background_color":"C0DEED","name":"Rurik","profile_background_image_url":"http://a3.twimg.com/a/1302214109/images/themes/theme1/bg.png","favourites_count":0,"profile_image_url":"http://a3.twimg.com/profile_images/830973443/Rurik-avatarpic-l_normal.png","id":134196003,"default_profile_image":false,"utc_offset":null},"retweet_count":0,"id":57476924934590464,"in_reply_to_screen_name":"bbaskin"},
  • 28. Anatomy Excerpts {"in_reply_to_status_id_str":"57454830603616256", "text":"@bbaskin That is an awesome site!", "in_reply_to_user_id_str":"17442948", "id_str":"57476924934590464", "entities":{"hashtags":[],"urls":[],"user_mentions":[{ "screen_name":"bbaskin","indices":[0,8],"id_str":"17442948", "name":"Brian Baskin","id":17442948}]}, "created_at":"Mon Apr 11 16:15:41 +0000 2011", "user":{ "time_zone":null, "url":null, "screen_name":"LLRurik", "description":"The Other Me.", "id_str":"134196003", "location":"Maryland", "created_at":"Sat Apr 17 18:26:02 +0000 2010", "protected":false, "name":"LLRurik", "profile_image_url":"http://a3.twimg.com/profile_images/830973443/LLRurik-avatarpic-l_normal.png" } }
  • 30. Twitter Account Creation • Gives date when any account was created – Chrome plugin (old Twitter only) • https://chrome.google.com/extensions/detail/pfpkfkhhigghmggnhfjdfjiihmeancof?hl=en – http://www.whendidyoujointwitter.com/
  • 32. TweetDeck Forensics • %AppData%\Tweetdeck.<xyz>\Local Store\td_26_<username>.db (SQLite Database) – ‘friends’ – Details on all accounts the user follows • Twitter User #, Name, Screen Name, URL to profile image • fUserID (Twitter User #) can show relative age of accounts • Includes even accounts that no longer exist – ‘columns’ – What columns are currently shown to client – ‘lists’ – Lists the user manages • Name, public/private, URL, # of members, description
  • 33. TweetDeck Forensics • %AppData%\Tweetdeck.<xyz>\Local Store\preferences_<username>.xml – Recently used hash tags: <hashtags hash0="#FF" hash1="#RallyForSanity" hash2="#CyberCrime2012" hash3="#DEFCON" hash4="#OWS" hash5="#stuxnet" /> – Email service: <email service="0" url="https://mail.google.com/mail/"/>
  • 34. Application Cached Data • Applications cache tweets upon download – If a tweet is deleted a cached copy may still exist in third-party application – Possible for message to be read/repeated even after being deleted at its source – Forensic Caching: • Archivist (http://visitmix.com/labs/archivist-desktop/) • Twinbox – Saves all tweets to Outlook inbox
  • 35. Tweet Scraping • Tools to automatically collect and save relevant tweets – Archivist (http://visitmix.com/labs/archivist-desktop/) – Twinbox – Saves all tweets to Outlook inbox – Twitter Archive Google Spreadsheet (TAGS) - http://mashe.hawksey.info/2012/01/twitter-archive-tagsv3/
  • 39. URL Shorteners • Due to size limitation of tweets, URL shorteners are commonplace – Vector of attack – Most offer preview capability: • http://bit.ly/gAhOlo+ • http://preview.tinyurl.com/62j4zla – http://resolves.me – Universal URL Previewer
  • 42. Tweet Longer • Due to size limitation of tweets, message extension services are also somewhat common. – TwitLonger hosts extended posts – Hosts on TwitLonger.com – Uses tl.gd domain
  • 43. Media Hosting • Twitter is limited to just text content. Media services provide image / video hosting – Images: yFrog, TwitPic, Flickr – Video: TwitVid, Twiddeo, Twitc • If tweet is removed media remains • EXIF data remains to be exploited – iCanStalkU.com Janis Krums
  • 44. Media Hosting • TwitCaps.com – Searches all Twitter media sites – Results are often NSFW
  • 45. Social Network Mapping • NodeXL – Free mapping tool for Microsoft Excel nodexl.codeplex.com Currently at 1.0.1.196 Marc Smith
  • 50. Maltego • Professional data analysis tool • “Social Networking Special Ops” - Chris Sumner (Suggy) at BlackHat http://www.securityg33k.com/blog/?p=180 • Mining data from a Twitter scavenger hunt
  • 51. Take Away Notes • Following someone does not show the entirety of their communications • Targets are notified if you follow/favorite them • Twitter’s search is very impaired • Information spreads beyond core-Twitter site • Follow early and archive tweets using third-party tools for later analysis • Use Link-Analysis to find outliers
  • 52. Contact Us: e-mail: contact@cmdlabs.com p: 443.451.7330 www.cmdlabs.com 1101 E. 33rd Street, Suite C301 Baltimore, MD 21218 Brian Baskin
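
Added example (not part of the original slides): a short Python dissection of the sample tweet from the "Anatomy of a Tweet" slides, pulling the fields the excerpt highlights. It goes one step beyond the deck by decoding the timestamp embedded in Snowflake tweet IDs and checking it against created_at; the function names and the trimmed JSON excerpt are constructed for this illustration.

```python
import json
from datetime import datetime, timezone

# Snowflake IDs keep a millisecond timestamp in the bits above bit 22,
# counted from this epoch (a property of Twitter IDs, not stated on the slides).
TWITTER_EPOCH_MS = 1288834974657

# Constructed excerpt: values copied from the slide's sample tweet, fields trimmed.
SAMPLE_TWEET = """
{"id_str": "57476924934590464",
 "in_reply_to_status_id_str": "57454830603616256",
 "in_reply_to_user_id_str": "17442948",
 "text": "@bbaskin That is an awesome site!",
 "created_at": "Mon Apr 11 16:15:41 +0000 2011",
 "entities": {"hashtags": [], "urls": [], "user_mentions": [
     {"screen_name": "bbaskin", "indices": [0, 8], "id_str": "17442948"}]},
 "user": {"screen_name": "LLRurik", "id_str": "134196003",
          "location": "Maryland", "protected": false,
          "created_at": "Sat Apr 17 18:26:02 +0000 2010"}}
"""

def parse_twitter_time(value):
    """Parse the API's 'Mon Apr 11 16:15:41 +0000 2011' timestamp format."""
    return datetime.strptime(value, "%a %b %d %H:%M:%S %z %Y")

def snowflake_time(id_str):
    """Recover the creation time (to the second) embedded in a Snowflake ID."""
    ms = (int(id_str) >> 22) + TWITTER_EPOCH_MS
    return datetime.fromtimestamp(ms // 1000, tz=timezone.utc)

def dissect(raw):
    """Pull the fields an examiner would record from one tweet object."""
    tweet = json.loads(raw)
    user = tweet["user"]
    posted = parse_twitter_time(tweet["created_at"])
    parent = tweet.get("in_reply_to_status_id_str")
    return {
        "author": user["screen_name"],
        "posted": posted,
        # created_at and the ID should agree; a mismatch is worth investigating.
        "id_matches_created_at": snowflake_time(tweet["id_str"]) == posted,
        "account_age_days": (posted - parse_twitter_time(user["created_at"])).days,
        "mentions": [m["screen_name"] for m in tweet["entities"]["user_mentions"]],
        # The parent tweet's time is recoverable from its ID alone.
        "parent_posted": snowflake_time(parent) if parent else None,
    }

if __name__ == "__main__":
    for field, value in dissect(SAMPLE_TWEET).items():
        print(f"{field}: {value}")
```

The ID-to-time conversion only applies to Snowflake-era tweet IDs; the user ID on the slide (134196003) is an older sequential ID, which is why it shows only relative account age.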