MALWARE-OSINT-Raspberry/malware_bot.py at main · 123tool/MALWARE-OSINT-Raspberry · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import logging
import requests
from telegram import Update
from telegram.ext import ApplicationBuilder, ContextTypes, CommandHandler

# Konfigurasi API (Gunakan .env untuk best practice)
TELEGRAM_TOKEN = 'TOKEN_BOT_MU'
VT_API_KEY = 'API_KEY_VIRUSTOTAL'

logging.basicConfig(format='%(asctime)s - %(name)s - %(message)s', level=logging.INFO)

# Fungsi untuk Cek URL ke VirusTotal
def check_vt(target):
    url = f"https://www.virustotal.com/api/v3/urls"
    headers = {"x-apikey": VT_API_KEY}
    # Logic: Kirim URL dan ambil analisisnya
    # (Ini kerangka dasar, bisa dikembangkan ke file hash juga)
    return "Analisis: Menunggu hasil dari VirusTotal..."

# Command: Start
async def start(update: Update, context: ContextTypes.DEFAULT_TYPE):
    await update.message.reply_text("🕵️ SPY-Malware OSINT Bot Aktif!\nKirim URL atau Hash untuk dicheck.")

# Command: Crawl Malware Terbaru (dari URLHaus)
async def crawl(update: Update, context: ContextTypes.DEFAULT_TYPE):
    await update.message.reply_text("🔍 Mengambil data malware terbaru dari URLHaus...")
    try:
        response = requests.get("https://urlhaus-api.abuse.ch/v1/urls/recent/")
        data = response.json()
        if data['query_status'] == 'ok':
            msg = "⚡ **Recent Malware Found:**\n"
            for item in data['urls'][:5]: # Ambil 5 teratas
                msg += f"• URL: `{item['url']}`\n  Tag: {item['tags']}\n"
            await update.message.reply_text(msg, parse_mode='Markdown')
    except Exception as e:
        await update.message.reply_text(f"❌ Error: {e}")

if __name__ == '__main__':
    app = ApplicationBuilder().token(TELEGRAM_TOKEN).build()

    app.add_handler(CommandHandler('start', start))
    app.add_handler(CommandHandler('crawl', crawl))

    print("Bot is running...")
    app.run_polling()