{"name":"Matkap: A Python Tool to Hunt Down Malicious Telegram Bots","description":"Matkap is an open-source Python tool designed for cybersecurity professionals to analyze and identify malicious Telegram bots. It offers features like integration with FOFA and URLScan for token hunting, message forwarding, and log export. This tool is valuable for security research and understanding Telegram bot interactions.","github":"https://github.com/0x6rss/matkap","url":"https://osrepos.com/repo/0x6rss-matkap","source":"osrepos.com","sourceDescription":"This repository profile is provided by osrepos.com, an open source repository discovery platform.","repositoryProfile":"https://osrepos.com/repo/0x6rss-matkap","generatedFor":"open source discovery and AI-assisted research","markdown":"https://osrepos.com/repo/0x6rss-matkap.md","json":"https://osrepos.com/repo/0x6rss-matkap.json","topics":["cti","intelligence","malware","osint","telegram","python","cybersecurity","bot-analysis"],"keywords":["cti","intelligence","malware","osint","telegram","python","cybersecurity","bot-analysis"],"stars":null,"summary":"Matkap is an open-source Python tool designed for cybersecurity professionals to analyze and identify malicious Telegram bots. It offers features like integration with FOFA and URLScan for token hunting, message forwarding, and log export. This tool is valuable for security research and understanding Telegram bot interactions.","content":"## Introduction\n\nMatkap is a powerful open-source Python tool developed by 0x6rss, specifically designed to hunt down and analyze malicious Telegram bots. Intended for cybersecurity professionals and researchers, Matkap provides functionalities to investigate bot interactions, identify potential threats, and gather intelligence. It integrates with external services like FOFA and URLScan to broaden its scanning capabilities for exposed bot tokens and chat IDs. Please note, Matkap is for educational and research purposes only, and users must adhere to ethical guidelines and legal regulations.\n\n## Installation\n\nTo get Matkap up and running, follow these steps:\n\n### Prerequisites\n\nBefore you begin, ensure you have:\n*   **Python 3.7+** installed on your system.\n*   **Pip** for package management.\n*   **Telegram API credentials**: Obtain `api_id`, `api_hash`, and `phone_number` from [my.telegram.org/apps](https://my.telegram.org/apps){:target=\"_blank\"}.\n*   **(Optional) FOFA Account** and **URLScan Account** if you plan to use their scanning features. You will need `FOFA_EMAIL`, `FOFA_KEY`, and `URLSCAN_API_KEY`.\n\n### Setup\n\n1.  **Clone the repository:**\n    bash\n    git clone https://github.com/0x6rss/matkap.git\n    \n2.  **Navigate into the project folder:**\n    bash\n    cd matkap\n    \n3.  **Create a `.env` file:**\n    In the `matkap` directory, create a file named `.env` and populate it with your Telegram API credentials and optional FOFA/URLScan keys:\n    dotenv\n    TELEGRAM_API_ID=123456\n    TELEGRAM_API_HASH=your_api_hash\n    TELEGRAM_PHONE=+90000000000\n\n    # (Optional) For FOFA & URLScan:\n    FOFA_EMAIL=your_fofa_email\n    FOFA_KEY=your_fofa_key\n    URLSCAN_API_KEY=your_urlscan_api_key\n    \n4.  **Install dependencies:**\n    bash\n    pip install -r requirements.txt\n    \n5.  **Run Matkap:**\n    bash\n    python matkap.py\n    \n    Upon first run, Telegram will send a login code to your phone, which you'll need to enter in the terminal.\n\n## Examples\n\nMatkap offers a user-friendly interface with several key functionalities:\n\n*   **Start Attack**: Input a malicious bot token and chat ID to begin monitoring.\n*   **Forward All Messages**: Iterate through and forward older messages from a specified chat, with options to stop or resume.\n*   **Hunt With FOFA**: Search for exposed Telegram Bot Tokens and Chat IDs on websites indexed by FOFA, specifically looking for `body=\"api.telegram.org\"`. Results are logged in the Process Log.\n*   **Hunt With URLScan**: Similar to FOFA, this feature uses URLScan to find exposed tokens and chat IDs referencing `domain:api.telegram.org`.\n*   **Export captured messages**: All captured Telegram messages are automatically saved to the \"captured_messages\" directory for later analysis.\n\n## Why Use Matkap?\n\nMatkap is an invaluable asset for:\n*   **Cyber Threat Intelligence (CTI)**: Gaining insights into the operational methods of malicious Telegram bots.\n*   **OSINT Investigations**: Discovering exposed bot tokens and chat IDs that could lead to further intelligence.\n*   **Security Research**: Analyzing bot behavior, message forwarding patterns, and potential data exfiltration.\n*   **Educational Purposes**: Understanding the security landscape of messaging platforms and developing defensive strategies.\n\n## Links\n\n*   **GitHub Repository**: [0x6rss/matkap](https://github.com/0x6rss/matkap){:target=\"_blank\"}","metrics":{"detailViews":7,"githubClicks":6},"dates":{"published":null,"modified":"2025-10-12T13:16:25.000Z"}}