Matkap: A Python Tool to Hunt Down Malicious Telegram Bots

This repository profile is provided by osrepos.com, an open source repository discovery platform.

Matkap: A Python Tool to Hunt Down Malicious Telegram Bots

Summary

Matkap is an open-source Python tool designed for cybersecurity professionals to analyze and identify malicious Telegram bots. It offers features like integration with FOFA and URLScan for token hunting, message forwarding, and log export. This tool is valuable for security research and understanding Telegram bot interactions.

Repository Information

Analyzed by OSRepos on October 12, 2025

Topics

Click on any tag to explore related repositories

Use at your own risk

OSRepos shares public repositories for knowledge and discovery only. Any installation, execution, configuration, or use of code from these repositories is the user's own responsibility. Always review the repository, source code, dependencies, licenses, and security implications before running or installing anything. OSRepos is not responsible for issues, damages, or losses resulting from third-party repositories.

Introduction

Matkap is a powerful open-source Python tool developed by 0x6rss, specifically designed to hunt down and analyze malicious Telegram bots. Intended for cybersecurity professionals and researchers, Matkap provides functionalities to investigate bot interactions, identify potential threats, and gather intelligence. It integrates with external services like FOFA and URLScan to broaden its scanning capabilities for exposed bot tokens and chat IDs. Please note, Matkap is for educational and research purposes only, and users must adhere to ethical guidelines and legal regulations.

Installation

To get Matkap up and running, follow these steps:

Prerequisites

  • Python 3.7+ installed on your system.
  • Pip for package management.
  • Telegram API credentials: Obtain api_id, api_hash, and phone_number from my.telegram.org/apps.
  • (Optional) FOFA Account and URLScan Account if you plan to use their scanning features. You will need FOFA_EMAIL, FOFA_KEY, and URLSCAN_API_KEY.

Setup

  1. Clone the repository:
    git clone https://github.com/0x6rss/matkap.git
  2. Navigate into the project folder:
    cd matkap
  3. Create a .env file:

    In the matkap directory, create a file named .env and populate it with your Telegram API credentials and optional FOFA/URLScan keys:

    TELEGRAM_API_ID=123456
    TELEGRAM_API_HASH=your_api_hash
    TELEGRAM_PHONE=+90000000000
    
    # (Optional) For FOFA & URLScan:
    FOFA_EMAIL=your_fofa_email
    FOFA_KEY=your_fofa_key
    URLSCAN_API_KEY=your_urlscan_api_key
  4. Install dependencies:
    pip install -r requirements.txt
  5. Run Matkap:
    python matkap.py

    Upon first run, Telegram will send a login code to your phone, which you'll need to enter in the terminal.

Examples

Matkap offers a user-friendly interface with several key functionalities:

  • Start Attack: Input a malicious bot token and chat ID to begin monitoring.
  • Forward All Messages: Iterate through and forward older messages from a specified chat, with options to stop or resume.
  • Hunt With FOFA: Search for exposed Telegram Bot Tokens and Chat IDs on websites indexed by FOFA, specifically looking for body="api.telegram.org". Results are logged in the Process Log.
  • Hunt With URLScan: Similar to FOFA, this feature uses URLScan to find exposed tokens and chat IDs referencing domain:api.telegram.org.
  • Export captured messages: All captured Telegram messages are automatically saved to the "captured_messages" directory for later analysis.

Why Use Matkap?

Matkap is an invaluable asset for:

  • Cyber Threat Intelligence (CTI): Gaining insights into the operational methods of malicious Telegram bots.
  • OSINT Investigations: Discovering exposed bot tokens and chat IDs that could lead to further intelligence.
  • Security Research: Analyzing bot behavior, message forwarding patterns, and potential data exfiltration.
  • Educational Purposes: Understanding the security landscape of messaging platforms and developing defensive strategies.

Links

Source repository

Open the original repository on GitHub.

6 counted GitHub visits

View on GitHub
OS
OSRepos

Analysis and discovery of open source repositories. Find interesting projects and follow their updates.

Monitor your website with YourWebsiteScore

OSRepos shares public repositories for knowledge and discovery only. Any installation, execution, configuration, or use of third-party repository code is at your own risk. Always review source code, dependencies, licenses, and security implications before running anything.

© 2025 OSRepos. Built with Nuxt 3 and lots of ❤️