Twitter account takeover (ATO) is when a cybercriminal gains unauthorized access to a Twitter account and deface it. Or worse, they can publish tweets to the world using an amplified podium in a universal platform, and these tweets can be anything from phishing to scams to political messages. The impact of this act can be severe to the reputation of the account's owner and who they represent and increases while the tweets are still published. So, the response has to be prompt. In this briefing, we will go through the causes and signs of Twitter ATOs with examples from previous incidents. More importantly, we will demo Mahckoor, a new open-source tool that I have coded to continuously monitor desired Twitter accounts, and alert upon detecting a successful ATO by leveraging Twitter API & OSINT.