TelegramRAT: Cross-Platform RAT Controlled via Telegram Bot
TelegramRAT is a remote access tool (RAT) that uses Telegram as a C2 server to bypass network filters. The tool runs on multiple platforms, letting you execute shell commands, download files, and gather system information through a bot. It's designed for red team scenarios and requires basic Python and Telegram API knowledge.
Installation is straightforward: clone the repository from GitHub and follow the README instructions. The main file is client.py, where you configure API_TOKEN and chat_id.
Installation and Initial Setup
To deploy:
git clone https://github.com/machine1337/TelegramRAT.git
- Create a bot via @BotFather in Telegram and get your API_TOKEN.
- Find your chat_id (use @userinfobot).
- Open client.py and insert the values on lines 16–17:
API_TOKEN = 'your_token_here'
chat_id = 'your_chat_id_here'
- Run:
python3 client.py.
The server side listens for commands from the bot. After launch, go to the bot and send a message—the tool is ready to go.
Key Features
TelegramRAT supports a range of commands for remote control. The full list is shown with the help command.
- Shell commands: Direct execution via the bot, e.g.,
dirto list the directory. - File downloads: Upload from client to server.
- System information: Details on OS, processes, and hardware specs.
- Geolocation: Get device coordinates.
- Screenshots: Capture screen with the
screenshotcommand. - URL downloads: Fetch files from direct links.
Example dir output:

Screenshots are generated instantly and sent to the chat.
Commands in Detail
| Command | Description | Example Output |
|---------|----------|---------------|
| help | List of all commands | Text list of features |
| dir | Contents of current directory | Files and folders with permissions |
| screenshot | Screen capture | PNG image in chat |
| sysinfo | System information | OS, CPU, RAM, IP |
| download <path> | Download file | File attached to message |
For geolocation, use location—requires GPS access. Shell runs with user permission limits.
Security and Limitations
The tool bypasses firewalls using legitimate Telegram traffic but can be detected by behavior: frequent requests or unusual commands. Don't use in production without a sandbox. Test in a virtual environment.
For senior developers: check the source for customizations. client.py uses asyncio, bot.py relies on the python-telegram-bot library. Possible enhancements include persistence or traffic encryption.
Key points:
- Using Telegram as C2 minimizes network blocks but logs activity on Telegram servers.
- Shell and file ops support make it versatile for pentesting.
- Requires precise token/chat_id setup to activate.
helpcommand unlocks full functionality.- Educational tool, not for illegal use.
— Editorial Team
No comments yet.