
ADVANCED TELEGRAM BOT👽

July 21, 2025 at 6:39 AM
3 min read
#sqlmap #Nikto #Zaproxy #Nmap #Python #Telegram-bot

Cybersecurity automation is no longer just a luxury—it's a necessity. In a world flooded with constant threats and security misconfigurations, penetration testers, ethical hackers, and system administrators need smarter, faster ways to detect and neutralize vulnerabilities. That's why I built an AI-Powered Telegram Bot designed to automate reconnaissance, scanning, and exploitation—all from your phone.

This project is a Telegram bot that brings the power of widely respected open-source security tools to your chat interface. Whether you're scanning networks, extracting files, or performing auto-exploits, this bot transforms complex operations into simple Telegram commands.

Key Highlights:

  • Network scanning using Nmap

  • Vulnerability detection via Nikto, sqlmap, and OWASP ZAP

  • Exploit modules for XSS, SQLi, RCE, LFI, and more

  • AI summaries and explanations with NLP

  • File access & log wiping for stealth operations

Features Breakdown

Network Scanning

Scan individual IP addresses or entire subnets using the power of Nmap. Get immediate feedback on open ports and active services.

🛡 Vulnerability Detection

Integrates with industry-standard tools:

  • Nikto: Web server vulnerability scanner

  • sqlmap: Automatic SQL injection and database takeover tool

  • OWASP ZAP: Popular web application security scanner

Auto-Exploitation

Initiate real-time attacks to demonstrate:

  • Remote Code Execution (RCE)

  • Cross-Site Scripting (XSS)

  • SQL Injection (SQLi)

  • Local and Remote File Inclusion (LFI/RFI)

  • Deserialization vulnerabilities

  • Command Injection

  • Path Traversal

NB: The AI integration works pretty well if you have a paid API. In my case, I did not use the OpenAI API because it is a paid API. Instead, in this project, I relied on Sumy. What is Sumy? Sumy is a Python library for text summarization. It parses documents and provides the summary in a human-readable format (especially for a non-technical audience).

How to run it?

You need the Kali operating system with Python already installed. You will also need to create the Python scripts or visit my GitHub for the source code. Source code: https://github.com/thierrynshimiyumukiza/telegrambot

In Kali, you need to run the main file, which is bot.py, and make sure that your environment variables are set in the .env file. The environment variables will contain your bot ID from Telegram and also the secret ID (they are confidential).

[Image]

After running this script, go to the bot you created on your phone and run the different commands, like:

[Image]

You will have to attach the URL of the target website you are trying to reach. The scan will then start immediately, and you will get the results in no more than 2-5 min. The result contains a summary from the AI summarizer and also detailed explanations about the target. The results look like this:

[Image]

After getting the results, you can analyze them and also try other modules to get the ultimate output you desire. The modules implemented in code for my bot are:

[Image]

You can use all of those modules by writing a so-called "/" (oblique line), famously known as root, then the module you want to use, and then the parameter, just like this:

**/lfi <parameter>** The parameter can be a URL.
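An added example, not code from the author's repository: one way a bot that accepts `/module <url>` messages like the one above can gate them, so that only an allowed operator chat can issue commands and the URL is limited to hosts inside the agreed test scope before any tool sees it. The chat ID, scope list, module name `scan`, and all function names are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed values for illustration; a deployment would load them from .env.
ALLOWED_CHAT_IDS = {111111111}           # constructed operator chat id
IN_SCOPE_HOSTS = {"lab.example.test"}    # constructed engagement scope
KNOWN_MODULES = {"lfi", "scan"}          # "lfi" is from the post; "scan" is hypothetical

# Strict DNS hostname: rejects shell metacharacters, leading dashes, empty labels.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)*[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


class Rejected(ValueError):
    """Raised when a chat message must not reach any scanning tool."""


def in_scope(host: str) -> bool:
    """True for an in-scope host or a subdomain of one (label-boundary match)."""
    return any(host == s or host.endswith("." + s) for s in IN_SCOPE_HOSTS)


def parse_command(chat_id: int, text: str) -> tuple:
    """Validate '/module <url>' from a chat and return (module, url)."""
    if chat_id not in ALLOWED_CHAT_IDS:
        raise Rejected("chat not authorized")
    parts = text.strip().split()
    if len(parts) != 2 or not parts[0].startswith("/"):
        raise Rejected("expected '/module <url>'")
    module = parts[0][1:].split("@", 1)[0].lower()  # Telegram may append @botname
    if module not in KNOWN_MODULES:
        raise Rejected("unknown module")
    try:
        url = urlsplit(parts[1])
    except ValueError as exc:                       # e.g. malformed IPv6 literal
        raise Rejected("unparseable URL") from exc
    if url.scheme not in ("http", "https"):
        raise Rejected("only http(s) URLs accepted")
    if url.username or url.password:                # blocks host@other-host tricks
        raise Rejected("credentials in URL")
    host = (url.hostname or "").lower()
    if not _HOST_RE.match(host):
        raise Rejected("host not valid")
    if not in_scope(host):
        raise Rejected("host out of scope")
    return module, url.geturl()
```

Hand the returned URL to the tool as one element of an argument list (for example `subprocess.run([...])` without `shell=True`), so characters in the path or query are never interpreted by a shell.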

For more information on the source code, visit my repository through this link to learn more.

Link to my work: https://github.com/thierrynshimiyumukiza/telegrambot

Created by Thierry Mukiza