Help Irongeek.com pay for bandwidth and research equipment:
Automated Spear-twishing - It was only a matter of time Hack3rcon 3 (Hacking Illustrated Series InfoSec Tutorial Videos)
Automated Spear-twishing - It was only a matter of time
Hack3rcon 3
We've all heard of phishing and spear-phishing. We've even heard of twishing and
spear-twishing to a limited extent. After all, Twitter is an excellent target
for social engineering due to conditioned users, anonymous connections via
pseudonyms, and a lack of content filtering. For example, shortened URLs are
typically flagged by detection software in e-mail, but it's almost a necessity
in Twitter with the 140 character length restriction. So we have a ripe target
base of users clicking on shortened URLs, but let's be honest: developing
targeted tweets can be annoying. Plus, to really target users and take advantage
of trust relationships, you need to map out who's following who, and that is
pretty arduous given existing tools. So, we built Hypertwish, a Twitter
visualization and spear-twishing framework that uses small generative grammars
and a hyberbolic tree. Yaay math! This tool is also a trial of some of our
existing research into computer linguistics and automated content generation, so
that when Doomsday arrives, at least Skynet will be able to use social media.
You'll never trust people on Twitter again.
Passions: Pentesting. Social-engineering. Rapid prototyping. Aikido.
Puzzles. Riddles. Cryptography. Diet Mountain Dew. Anti-social gaming.
Recursion. Making my daughter laugh.
I'm a penetration tester by trade, and my current research focus is on
social engineering, phishing and computer linguistics. I swear I have
friends that are not being coerced though.