07 Jan 12:33

a5ddeab

v0.7.0 - Message Sending & Token Annotation Latest

Latest

TelegramDigger v0.7.0 Release Notes

Release Date: 2026-01-07

🎉 What's New

Version 0.7.0 introduces powerful new capabilities for messaging and token management, making TelegramDigger more versatile for security testing and automation workflows.

✨ Major Features

1. Message Sending System

Send messages to any Telegram chat directly from the command line! This feature is perfect for automated alerts, security notifications, and bot interaction testing.

Basic Usage

telegramdigger --send-message "Hello World" --chatid 123456789

Advanced Formatting

Choose from three formatting modes:

Markdown:

telegramdigger --send-message "*bold* _italic_ \`code\`" --chatid 123 --parse-mode Markdown

HTML:

telegramdigger --send-message "<b>Alert:</b> Token found at <code>location</code>" \
  --chatid 123 --parse-mode HTML

MarkdownV2:

telegramdigger --send-message "*bold* __underline__ ~strike~" --chatid 123 --parse-mode MarkdownV2

Delivery Options

Silent Messages - Send without notifications:

telegramdigger --send-message "Low priority update" --chatid 123 --silent

Disable Link Preview - Clean messages without previews:

telegramdigger --send-message "Check https://example.com" --chatid 123 --nopreview

Combine All Options:

telegramdigger --send-message "<b>Security Alert</b>

Token exposed at: <code>https://github.com/repo/file</code>" \
  --chatid 123 --parse-mode HTML --silent --nopreview

2. Token Annotation System

Add context and notes to validated tokens for better tracking and organization.

# Validate and annotate in one command
telegramdigger --validate --token "TOKEN" --note "Found on production server"

# Notes are stored in tokens-seen file
# Format: token#timestamp#note

Use Cases:

Track where tokens were discovered
Document token ownership
Add remediation status
Link to incident reports

Example tokens-seen file:

123456:ABC...#2026-01-07 13:00:00#Production web server
789012:DEF...#2026-01-07 13:05:00#Client mobile app
345678:GHI...#2026-01-07 13:10:00#Staging environment

📚 New Documentation

FORMATTING.md

Comprehensive guide covering:

Complete syntax reference for all formatting modes
Real-world security alert examples
Best practices for silent messages
When to use link preview disabling
Common automation use cases

Table of Contents:

Markdown Mode (basic formatting)
MarkdownV2 Mode (advanced features)
HTML Mode (rich formatting)
Special Options (silent & nopreview)
Tips and Best Practices
Common Use Cases with Examples

🔧 Technical Improvements

API Enhancements

Extended TelegramApi::sendMessage() with:
- parseMode parameter (Markdown/MarkdownV2/HTML)
- disableNotification parameter (silent messages)
- disableWebPagePreview parameter (no link previews)
Full URL encoding for message text
Proper handling of special characters

Configuration Updates

Config::saveTokenSeen() now accepts optional note parameter
Backward compatible with existing tokens-seen format
Secure file permissions maintained (0600)

Argument Parsing

New helper functions:

getParseMode() - Extract formatting mode
hasSilentFlag() - Detect silent flag
hasNoPreviewFlag() - Detect nopreview flag
getNote() - Extract note text

💡 Use Cases

Security Alerting

# Send formatted security alert
telegramdigger --send-message "
<b>🔴 CRITICAL ALERT</b>

<b>Issue:</b> Bot token exposed
<b>Location:</b> Public GitHub repo
<b>Token:</b> <code>123456:ABC...</code>

<i>Immediate action required</i>
" --chatid -1001234567890 --parse-mode HTML

Automated Monitoring

# Silent hourly status update
telegramdigger --send-message "
*Hourly Report*

• Tokens scanned: 45
• Valid tokens: 12
• New findings: 3

_Status: Operational_
" --chatid 123456789 --parse-mode Markdown --silent

Token Management

# Validate and document token source
telegramdigger --validate \
  --token "123456:ABC..." \
  --note "Discovered in /var/www/config.php on server-01"

Clean Link Sharing

# Share multiple links without previews
telegramdigger --send-message "
*Daily Reports Available*

• Security: https://reports.example.com/security
• Compliance: https://reports.example.com/compliance
• Incidents: https://reports.example.com/incidents
" --chatid 123 --parse-mode Markdown --nopreview

🔄 Backward Compatibility

All existing features remain unchanged:

Token validation works as before
Analysis features unchanged
Webhook management unchanged
Existing tokens-seen files are fully compatible

The --note parameter is optional - existing workflows continue to work without modification.

📦 Installation

From Source

git clone https://github.com/kawaiipantsu/telegramdigger.git
cd telegramdigger
git checkout v0.7.0
make
sudo make install

Verify Installation

telegramdigger --version
# Should show: TelegramDigger v0.7.0

📖 Documentation Updates

Updated --help screen with all new options
Added comprehensive examples section
Created FORMATTING.md guide
Updated CHANGELOG.md with detailed changes
Enhanced CLAUDE.md for AI assistance

🙏 Acknowledgments

This release was developed with assistance from Claude Code (claude.ai/code).

🐛 Bug Reports & Feedback

Found an issue? Have a suggestion?

GitHub Issues: https://github.com/kawaiipantsu/telegramdigger/issues
Discussions: https://github.com/kawaiipantsu/telegramdigger/discussions

🔜 What's Next?

Future releases may include:

Message templates
Batch message sending
Interactive message features (buttons, keyboards)
Message scheduling
Enhanced token management
Export/import functionality

Full Changelog: https://github.com/kawaiipantsu/telegramdigger/blob/main/CHANGELOG.md

Previous Release: v0.6.1

Assets 4

0 Join discussion

06 Jan 11:49

kawaiipantsu

v0.6.1

67f0783

TelegramDigger v0.6.1

📖 What's New Since v0.6.0

v0.6.1 Additions

✨ --groupid flag for targeted group analysis
✨ --chatid flag for targeted chat analysis
✨ Support for multiple chat IDs in single command
✨ Enhanced examples section in help screen
🛡️ Input validation for chat IDs
📊 Progress indicators for additional chat analysis

v0.6.0 Major Features (Previous Release)

🔍 Comprehensive OSINT analysis (--analyze)
🛡️ Security weakness detection (4 categories)
📄 Professional markdown report generation
📊 8 new Telegram API methods
🔐 Privacy and security auditing
📈 Real-time progress indicators

⚖️ Legal & Ethics

IMPORTANT: This tool is intended for:

✅ Authorized security testing and penetration testing
✅ CTF (Capture The Flag) challenges
✅ Educational and research purposes
✅ Defensive security analysis

You must have explicit permission to test any bot tokens and analyze any chats that you do not own or manage.

Unauthorized access to computer systems and private chats is illegal. Use this tool responsibly and ethically.

🐛 Known Issues

None reported in this release.

📞 Support & Contributing

Issues: https://github.com/kawaiipantsu/telegramdigger/issues
Email: thugsred@protonmail.com
Community: THUGS(red) Hacking Community

Contributions, bug reports, and feature requests are welcome!

🔮 Coming Soon

Potential features for future releases:

User-based analysis and tracking
Export formats (JSON, CSV, XML)
Automated scheduling for periodic analysis
Comparison reports between analysis runs
Advanced filtering and search in reports

Developed with ❤️ for the security research community

KawaiiPantsu | THUGS(red) Hacking Community

Assets 4

05 Jan 13:53

kawaiipantsu

v0.5.0

67f0783

TelegramDigger v0.5.0 - Full-Featured Bot Token Analysis Tool

Release v0.5.0 - Full-Featured Bot Token Analysis Tool

First Major Release 🎉

TelegramDigger v0.5.0 provides a comprehensive suite of tools for analyzing and testing Telegram bot tokens discovered during authorized security assessments.

🚀 What's New

Webhook Management

Complete control over Telegram bot webhooks:

--webhook-get / --webhook-info - View current webhook configuration and status
--webhook-set <URL> - Configure HTTPS webhook endpoint for receiving updates
--webhook-delete - Remove webhook configuration

Bot Administrator Rights

Analyze default admin permissions:

--read-botrights - Display all 12 permission flags for groups and channels
Separate sections for Groups/Supergroups and Channels
Color-coded Yes/No indicators

Bulk Token Validation

Process multiple tokens efficiently:

--bulk-validate [FILE] - Validate tokens from file (one per line)
CSV format support with automatic timestamp tracking
Progress indicators and summary statistics
Displays bot names for valid tokens

Token Validation & Tracking

Core security testing features:

--validate - Validate token format and API status
Automatic storage of validated tokens with metadata
Secure CSV log in ~/.telegramdigger/tokens-seen
Bot information extraction (ID, name, username, capabilities)

📦 Installation

Debian/Ubuntu

# Download the package
wget https://github.com/kawaiipantsu/telegramdigger/releases/download/v0.5.0/telegramdigger_0.5.0_amd64.deb

# Install
sudo dpkg -i telegramdigger_0.5.0_amd64.deb

From Source

git clone https://github.com/kawaiipantsu/telegramdigger.git
cd telegramdigger
make
sudo make install

Requirements: build-essential, libcurl4-openssl-dev

🔧 Quick Start

# Set token via environment
export TGDIGGER_TOKEN="123456789:ABCdefGHI..."

# Validate the token
telegramdigger --validate

# Check admin rights
telegramdigger --read-botrights

# View webhook status
telegramdigger --webhook-get

📋 All Features

Feature	Command
Token Validation	`--validate`
Bulk Validation	`--bulk-validate [FILE]`
Bot Rights	`--read-botrights`
Get Webhook	`--webhook-get`
Set Webhook	`--webhook-set <URL>`
Delete Webhook	`--webhook-delete`

🔐 Security Features

Stack protection and PIE enabled
HTTPS-only communication with SSL verification
Secure file permissions (0600/0700)
No external dependencies except libcurl

🎨 User Experience

ANSI 256-color terminal output
UTF-8 icon support (Nerd Fonts)
Professional ASCII art header
Clear error messages and guidance
Multiple token input methods (CLI, env, config)

📊 Technical Details

Language: C++17
Package Size: ~50 KB
Binary Size: ~168 KB
Architecture: amd64

📖 Documentation

README.md - Complete usage guide
CHANGELOG.md - Detailed change history

⚖️ Legal Notice

This tool is for authorized security testing only.

You must have explicit permission to test any bot tokens that you do not own. Unauthorized access is illegal.

🐛 Issues & Support

Report Issues: https://github.com/kawaiipantsu/telegramdigger/issues
Email: thugsred@protonmail.com

🙏 Credits

Developer: KawaiiPantsu
Organization: THUGS(red) Hacking Community

Checksums (SHA256):

# Run after download:
sha256sum telegramdigger_0.5.0_amd64.deb

Built with ❤️ for the security research community

Assets 4

Releases: kawaiipantsu/telegramdigger

v0.7.0 - Message Sending & Token Annotation

TelegramDigger v0.7.0 Release Notes

🎉 What's New

✨ Major Features

1. Message Sending System

Basic Usage

Advanced Formatting

Delivery Options

2. Token Annotation System

📚 New Documentation

FORMATTING.md

🔧 Technical Improvements

API Enhancements

Configuration Updates

Argument Parsing

💡 Use Cases

Security Alerting

Automated Monitoring

Token Management

Clean Link Sharing

🔄 Backward Compatibility

📦 Installation

From Source

Verify Installation

📖 Documentation Updates

🙏 Acknowledgments

🐛 Bug Reports & Feedback

🔜 What's Next?

Uh oh!

TelegramDigger v0.6.1

📖 What's New Since v0.6.0

v0.6.1 Additions

v0.6.0 Major Features (Previous Release)

⚖️ Legal & Ethics

🐛 Known Issues

📞 Support & Contributing

🔮 Coming Soon

Uh oh!

TelegramDigger v0.5.0 - Full-Featured Bot Token Analysis Tool

Release v0.5.0 - Full-Featured Bot Token Analysis Tool

🚀 What's New

Webhook Management

Bot Administrator Rights

Bulk Token Validation

Token Validation & Tracking

📦 Installation

Debian/Ubuntu

From Source

🔧 Quick Start

📋 All Features

🔐 Security Features

🎨 User Experience

📊 Technical Details

📖 Documentation

⚖️ Legal Notice

🐛 Issues & Support

🙏 Credits

Uh oh!