Abstract

Although the development and widespread adoption of software bots has occurred in just a few years,
bots have taken on many diverse tasks and roles. This paper discusses current bot technology and
presents a practical case study on how to use bots Twitter through Developer portal on Twitter
developer.

A bot -- short for robot and also called an internet bot -- is a computer program that operates as
an agent for a user or other program or to simulate a human activity. Bots are normally used to
automate certain tasks, meaning they can run without specific instructions from humans.

An organization or individual can use a bot to replace a repetitive task that a human would otherwise
have to perform. Bots are also much faster at these tasks than humans. Although bots can carry out
useful functions, they can also be malicious and come in the form of malware.

This project involves building a bot centered on Twitter

Introduction

A botnet is a collection of compromised computers in a network Denial-of-service, click fraud, identity

theft, and spamming are just a few of the attacks(Table 1) that may be carried out using a compromised
computer, often known as a bot. A botnet's network may contain hundreds or thousands of bots. A
botnet typically has a command and control server that is used to manage the bots connected to it. This
project aims to create a botnet with Twitter as its command and control system. The botmaster will
specifically post tweets with pre-selected keywords. To fetch these tweets from the botmaster account,
bots will make a query to the Twitter search engine. To develop the command and control bot
application for out botnet, I have used Twitters library , Twitter Developer Credentials and the Twitter
authentication mechanism.

https://scholarworks.sjsu.edu/cgi/viewcontent.cgi?article=1246&context=etd_projects
1. Practical Work Report
Twitter-bots are small software programs that are designed to mimic human tweets. Anyone can create
bots, though it usually requires programming knowledge. Some bots reply to other users when they
detect specific keywords. Others may randomly tweet preset phrases such as proverbs. Or if the bot is
designed to emulate a popular person (celebrity, historic icon, anime character etc.) their popular
phrases will be tweeted. Not all bots are fully machine-generated, however, and interestingly the term
“bot” has also come to refer to Twitter accounts that are simply “fake” accounts. The developer. Twitter
for the login prompt prevents the code from being misused. Basically, the it adds security to the
credential for the account cod no other user, apart from the account, can use tweets to post
commands, We have used the authentication mechanism to authenticate the application using
Twitter’s with OAuth, Since , now a user’s Id and password cannot be used for authenticating the
application to Twitter’s service. This guarantees that user-ids and passwords are secure.

1.1 About Twitter API

The Twitter API can be used to programmatically retrieve and analyze Twitter data, as well as build for
the conversation on Twitter. The Twitter API added additional levels of access for developers and
academic researchers to be able to scale their access to enhance and research the public conversation.

The Twitter API is a set of programmatic endpoints that can be used to understand or build the
conversation on Twitter.

This API allows you to find and retrieve, engage with, or create a variety of different resources including
the following as shown in (table 1)

retrieve Tweets Users Spaces Direct Lists Trends Media Places

, engage Messages
with
Table 1 : shows different resources in the API

1.2 Developer portal

Twitter's Developer Platform enables you to harness the power of Twitter's open, global, real-time and
historical platform within your own applications. The platform provides tools, resources, data and API
products for you to integrate, and expand Twitter's impact through research, solutions and more.

The Twitter developer portal contains a set of self-serve tools that developers can use to manage their
access to the Twitter API and Twitter Ads API.

In the portal, you have the opportunity to:

 Create and manage your Twitter Projects and Apps (and the authentication keys and tokens that
they provide).
 Manage your access levels and integrations with the Twitter API standard v1.1 and v2 endpoints.
1.3 Twitter API standard v1.1 and v2 endpoints
Twitter APIs handle enormous amounts of data. The way we ensure this data is secured for developers
and users alike is through authentication. There are a few methods for authentication, each listed
below.

The difference between Twitter API v1 and Twitter API v2 lies in several aspects, including the endpoints,
data format, and access tiers. Here are the key differences:

1.3.1 Endpoints:
Twitter API v1 had a variety of endpoints for different functionalities, such as retrieving tweets, user
information, and performing actions like posting tweets or following users. In contrast, Twitter API v2
introduced a more streamlined approach with unified endpoints that cover a broader range of
functionalities.

1.3.2 Data Format:

One of the significant differences between Twitter API v1 and v2 is the data format. In v1, the response
data was returned in JSON format, while v2 introduced a new data format called the "Tweet payload."
The Tweet payload is a more structured and standardized format that provides a consistent
representation of tweet data.

1.3.3 Access Tiers:

Twitter API v1 had different access tiers, including Standard, Essential, Elevated, and Premium. However,
with the introduction of Twitter API v2, these access tiers are being deprecated. The new access tiers for
Twitter API v2 are designed to provide more flexibility and scalability for developers.

1.3.4 Migration:
Migrating from Twitter API v1 to v2 involves updating your code to use the new endpoints and data
format. Twitter provides migration guides and tools to assist developers in this process. It's important to
review the migration guides and make the necessary changes to ensure your application continues to
function correctly.
2. Authentication
Twitter APIs handle enormous amounts of data. The way we ensure this data is secured for developers
and users alike is through authentication. There are a few methods for authentication, each listed
below.
2.1 Authentication methods

OAuth 1.0a User OAuth 1.0a allows an authorized Twitter developer App to access private
Context account information or perform a Twitter action on behalf of a Twitter account.

App only App only Access Token allows a Twitter developer app to access information
publicly available on Twitter.
Basic authentication Many of Twitter’s enterprise APIs require the use of HTTP Basic Authentication.

OAuth 2.0 OAuth 2.0 User Context allows you to authenticate on behalf of another
Authorization Code account with greater control over an application’s scope, and authorization
Flow with PKCE flows across multiple devices.

2.2 OAuth 1.0a User Context

3-Legged OAuth