This repository contains a Python-based OSINT Telegram bot called SaidSecurity Domain Checker Bot, accessible here on Telegram.
The bot allows you to check domain information such as:
- DNS records (A, AAAA, MX, NS, SOA, TXT)
- Subdomain count
- IP addresses
It uses the SecurityTrails API for data retrieval and is hosted on an AWS VPS (free tier for up to 1 year).
- Multi-API key rotation: Automatically switches between multiple SecurityTrails API keys to handle rate limits.
- Rate limiting per user: Users are limited to 2 domain checks per day to reduce abuse.
- Input validation: Verifies domains before processing, helping prevent misuse and errors.
- Admin logging: Logs each domain check request to a specific admin chat for monitoring.
- Bot commands:
/start— Welcome message and usage instructions/check domain.com— Check domain info/contact— Contact details
The bot rotates through multiple API keys to avoid service disruptions when one key hits a rate limit.
Domain input is strictly validated using regex before any API call, preventing malicious or malformed requests.
Each user is restricted to 2 checks per day, limiting excessive or abusive usage.
All checks are reported to an admin (your Telegram ID), so you can monitor usage and potential suspicious activity.
- Python (>=3.10)
- python-telegram-bot v20+
- AWS VPS hosting
As an ethical hacker, I designed this bot following good security practices:
- Avoid exposing sensitive logic and internal structures publicly.
- Validate all external inputs.
- Monitor and limit usage through daily limits and admin logs.
- Use environment variables or secrets to store actual API keys and bot tokens in production.
Try it live: @osint_domain_bot
This project is licensed under the MIT License.
- LinkedIn: Nursaid Kamilli
- Website: saidsecurity.com