一般需要监控的威胁情报来源包含以下几个方面:
1、暗网论坛和交易网站
2、黑客论坛
3、聊天群组
4、公共渠道
1.前置准备
访问my.telegram.org,登陆后创建app,获取app api_id和app api_hash
下载库:pip install telethon
2.脚本编写
官方文档:https://docs.telethon.dev/
from telethon import TelegramClient, events
from telethon.errors.rpcerrorlist import AuthKeyError
from telethon.sync import TelegramClient as SyncTelegramClient
api_id = xxxx
api_hash = 'xxxxxx'
session_name = 'my_session'
chat_names = ['Test', 'groupid']
keywords = ['123', 'keyword2']
try:
client = TelegramClient(session_name, api_id, api_hash)
client.start()
except AuthKeyError:
client = SyncTelegramClient(session_name, api_id, api_hash)
client.start()
@client.on(events.NewMessage(chats=chat_names))
async def handle_new_message(event):
message_text = event.message.message
for keyword in keywords:
if keyword in message_text:
chat = await event.get_chat()
title = chat.title
sender = await event.get_sender()
sender_name = sender.first_name
print(f"Keyword '{keyword}' found in message from {sender_name} in chat '{title}': {message_text}")
print(f"Listening for messages containing {keywords} in chats {chat_names}...")
client.run_until_disconnected()
第一次执行时会让你登陆认证,注意这里手机号是需要加国际区号的,例如+86
最终效果如下图:
Tips:脚本最好放在国外服务器上跑,本地加代理会由于网络不稳定导致脚本中断
商务咨询:
0571-87031601
商务邮箱: