3 Ways To Hack A Twitter Account in 2020

Note: this post is purely for educational purposes only. I will not be held responsible for any damage done.

There are numerous ways to hack a social media account such as twitter. Bruteforce, phishing, RAT are some of the famous methods. In a phishing attack, you use social engineering to trick the user into doing what you need them to do. Phishing attack is the best one, if your social engineering skills are good. I’ll tell you how to perform different kinds of attack to hack a twitter attack below, so keep reading.

Method 1: Phishing

The image above is of a tool used to create phishing pages for different platforms. To hack a twitter account using a phishing tool, you need to create a fake log in page. Once created, it gives you a web address that you need to send to your target. The victim then opens the page, sees a web page that looks just like a genuine platform. You need to social engineer them into entering their user name and password in the fake log in page. Once done, it saves the credentials so you can use them. Here are the steps to install the tool and make a fake login page for twitter:

Requirements:

1. Linux laptop or Termux installed phone. You can install termux from here

2. Internet connection

3. Git installed

Step 1: open a terminal window and type “git clone https://github.com/xHak9x/SocialPhish” without the quotes.

Step 2: cd into the folder by typing “cd socialphish”

Step 3: give the script excute permissions by typing “chmod +x SocialPhish.sh

Step 4: now type “./socialphish.sh” to excute the script

Step 5: now type 4 to choose Twitter.

Step 5: press 2 to choose ngrok and wait for the server to start

Step 6: it’ll give you a link. That’s the address for fake login page. Send it to victim and use social engineering to make them enter their credentials.

Step 7: that’s it. If they entered their password, it’ll show it in terminal and save it in a txt file.

Method 2: Bruteforce

In a bruteforce attack, you make a wordlist that contains thousands of possible passwords for the account and use a bruteforce tool to try each passwords on the account one by one. You can make a wordlist specific to an account if you know some information that might be used in password, like date of birth, first name or phone number. The tool keeps trying the passwords until it finds the right one, then it stops and shows you the correct password.

You can find plenty of bruteforce tools in github. Search “twitter bruteforce github” on google to find bruteforce tools for twitter.

Method 3: Keylogger/RAT

In this method, you’ll have to install an apk to the target device. Once done, the app saves every keystroke and sends it to you. So next time the user enters their password, you’ll see what it is. The downside with Keyloggers is that you’ll have to give some specials permissions to it. If you don’t have the target device with yourself, it can be a little tricky.

You can also use a Remote Access Trojan for this task. See this article on how to create a RAT or buy an already built one.