# Matkap: A Python Tool to Hunt Down Malicious Telegram Bots

This repository profile is provided by osrepos.com, an open source repository discovery platform.

Source: osrepos.com
Repository profile: https://osrepos.com/repo/0x6rss-matkap
Generated for open source discovery and AI-assisted research.

Matkap is an open-source Python tool designed for cybersecurity professionals to analyze and identify malicious Telegram bots. It offers features like integration with FOFA and URLScan for token hunting, message forwarding, and log export. This tool is valuable for security research and understanding Telegram bot interactions.

GitHub: https://github.com/0x6rss/matkap
OSRepos URL: https://osrepos.com/repo/0x6rss-matkap

## Summary

Matkap is an open-source Python tool designed for cybersecurity professionals to analyze and identify malicious Telegram bots. It offers features like integration with FOFA and URLScan for token hunting, message forwarding, and log export. This tool is valuable for security research and understanding Telegram bot interactions.

## Topics

- cti
- intelligence
- malware
- osint
- telegram
- python
- cybersecurity
- bot-analysis

## Repository Information

Last analyzed by OSRepos: Sun Oct 12 2025 14:16:25 GMT+0100 (Western European Summer Time)
Detail views: 7
GitHub clicks: 6

## Safety Notice

OSRepos shares public repositories for knowledge and discovery only. Review source code, dependencies, licenses, and security implications before running or installing anything.

## Content

## Introduction

Matkap is a powerful open-source Python tool developed by 0x6rss, specifically designed to hunt down and analyze malicious Telegram bots. Intended for cybersecurity professionals and researchers, Matkap provides functionalities to investigate bot interactions, identify potential threats, and gather intelligence. It integrates with external services like FOFA and URLScan to broaden its scanning capabilities for exposed bot tokens and chat IDs. Please note, Matkap is for educational and research purposes only, and users must adhere to ethical guidelines and legal regulations.

## Installation

To get Matkap up and running, follow these steps:

### Prerequisites

Before you begin, ensure you have:
*   **Python 3.7+** installed on your system.
*   **Pip** for package management.
*   **Telegram API credentials**: Obtain `api_id`, `api_hash`, and `phone_number` from [my.telegram.org/apps](https://my.telegram.org/apps){:target="_blank"}.
*   **(Optional) FOFA Account** and **URLScan Account** if you plan to use their scanning features. You will need `FOFA_EMAIL`, `FOFA_KEY`, and `URLSCAN_API_KEY`.

### Setup

1.  **Clone the repository:**
    bash
    git clone https://github.com/0x6rss/matkap.git
    
2.  **Navigate into the project folder:**
    bash
    cd matkap
    
3.  **Create a `.env` file:**
    In the `matkap` directory, create a file named `.env` and populate it with your Telegram API credentials and optional FOFA/URLScan keys:
    dotenv
    TELEGRAM_API_ID=123456
    TELEGRAM_API_HASH=your_api_hash
    TELEGRAM_PHONE=+90000000000

    # (Optional) For FOFA & URLScan:
    FOFA_EMAIL=your_fofa_email
    FOFA_KEY=your_fofa_key
    URLSCAN_API_KEY=your_urlscan_api_key
    
4.  **Install dependencies:**
    bash
    pip install -r requirements.txt
    
5.  **Run Matkap:**
    bash
    python matkap.py
    
    Upon first run, Telegram will send a login code to your phone, which you'll need to enter in the terminal.

## Examples

Matkap offers a user-friendly interface with several key functionalities:

*   **Start Attack**: Input a malicious bot token and chat ID to begin monitoring.
*   **Forward All Messages**: Iterate through and forward older messages from a specified chat, with options to stop or resume.
*   **Hunt With FOFA**: Search for exposed Telegram Bot Tokens and Chat IDs on websites indexed by FOFA, specifically looking for `body="api.telegram.org"`. Results are logged in the Process Log.
*   **Hunt With URLScan**: Similar to FOFA, this feature uses URLScan to find exposed tokens and chat IDs referencing `domain:api.telegram.org`.
*   **Export captured messages**: All captured Telegram messages are automatically saved to the "captured_messages" directory for later analysis.

## Why Use Matkap?

Matkap is an invaluable asset for:
*   **Cyber Threat Intelligence (CTI)**: Gaining insights into the operational methods of malicious Telegram bots.
*   **OSINT Investigations**: Discovering exposed bot tokens and chat IDs that could lead to further intelligence.
*   **Security Research**: Analyzing bot behavior, message forwarding patterns, and potential data exfiltration.
*   **Educational Purposes**: Understanding the security landscape of messaging platforms and developing defensive strategies.

## Links

*   **GitHub Repository**: [0x6rss/matkap](https://github.com/0x6rss/matkap){:target="_blank"}