
tinfoleak is an open-source tool within the OSINT (Open Source Intelligence) and SOCMINT (Social Media Intelligence) disciplines, that automates the extraction of information on Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract great volumes of data and show useful and structured information to the intelligence analyst.
tinfoleak is included in several Linux Distros: Kali, CAINE, BlackArch and Buscador. It is currently the most comprehensive open-source tool for intelligence analysis on Twitter.
tinfoleak can extract the following information:
- Account info / User Activity / Protected Accounts / User Relations
- Source Applications / User Devices / Use Frequency
- Hashtags / Mentions / Likes
- Text Analysis / Words Frequency / Media / Metadata
- User Visited Places / User Routes / User Top Locations
- Social Networks / Digital Identities
- Geolocated Users / Tagged Users
- Followers / Friends
- Lists / Collections
- Conversations
License
tinfoleak is released under the CC-BY-SA-4.0 license. See the LICENSE.txt file for additional details.
Installation
Install Python and dependencies:
sudo apt install python-pip python-dev build-essential python2.7-dev python-pyexiv2 python-openssl
sudo pip install --upgrade pip
sudo pip install --upgrade virtualenv
sudo pip install --upgrade tweepy
sudo pip install --upgrade pillow
sudo pip install --upgrade exifread
sudo pip install --upgrade jinja2
sudo pip install --upgrade oauth2
Getting started
The first time you run tinfoleak, you need to assign the OAuth settings.
- Edit "tinfoleak.conf"
Use your favorite editor ;-)
- Give value to these variables:
CONSUMER_KEY
CONSUMER_SECRET
ACCESS_TOKEN
ACCESS_TOKEN_SECRET
- How to obtain these values:
https://developer.twitter.com/en/docs/basics/authentication/guides/access-tokens
- Save "tinfoleak.conf"
- Execute "tinfoleak.py"
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky
└──╼ $sudo apt install python-pyexiv2
Reading package lists… Done
Building dependency tree
Reading state information… Done
E: Unable to locate package python-pyexiv2
Hi there,
If there is an error, it’s worth to submit it on the Github page https://github.com/vaguileradiaz/tinfoleak/issues This way it will be solved.
They are not responding to the issues.
Maybe they are busy? It’s an old project, so you everything is possible.