{"id":13790992,"url":"https://github.com/aaarghhh/a_TON_of_privacy","last_synced_at":"2025-05-12T09:33:39.728Z","repository":{"id":205610355,"uuid":"698422275","full_name":"aaarghhh/a_TON_of_privacy","owner":"aaarghhh","description":"ATOP formally A ton of Privacy, a swissarmyknife for investigations on TON blockchain.","archived":false,"fork":false,"pushed_at":"2024-07-29T16:16:18.000Z","size":62,"stargazers_count":15,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-14T18:33:32.136Z","etag":null,"topics":["blockcain","investigations","osint-tool","ton"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aaarghhh.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-29T22:11:40.000Z","updated_at":"2024-12-15T00:53:33.000Z","dependencies_parsed_at":"2024-03-21T23:35:54.220Z","dependency_job_id":"38ea0b69-e738-41e3-a0f9-ea208607358b","html_url":"https://github.com/aaarghhh/a_TON_of_privacy","commit_stats":{"total_commits":27,"total_committers":2,"mean_commits":13.5,"dds":0.4814814814814815,"last_synced_commit":"b5d6b0f3dab9babb5a92abe28b20d8040579bcf3"},"previous_names":["aaarghhh/a_ton_of_privacy"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aaarghhh%2Fa_TON_of_privacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aaarghhh%2Fa_TON_of_privacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aaarghhh%2Fa_TON_of_privacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aaarghhh%2Fa_TON_of_privacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aaarghhh","download_url":"https://codeload.github.com/aaarghhh/a_TON_of_privacy/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253709468,"owners_count":21951153,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockcain","investigations","osint-tool","ton"],"created_at":"2024-08-03T22:00:54.031Z","updated_at":"2025-05-12T09:33:39.458Z","avatar_url":"https://github.com/aaarghhh.png","language":"Python","funding_links":[],"categories":["\u003cimg src=\"https://cryptologos.cc/logos/thumbs/toncoin.png\" alt=\"ton\" style=\"width:25px;\" width=\"25\" height=\"25\" /\u003e [](#toncoin) TONCOIN - TON","I - Tools List","[](#table-of-contents) Table of contents"],"sub_categories":["TON OTHER","[](#font-indenfication)Font Indenfication"],"readme":"# A TON of privacy v0.2.24\n## ATOP - A tool for investigating TON network and its NFT.\n\n\"A TON of Privacy\" formally called ATOP ... is a tool for conducting OSINT investigations on TON (Telegram 🙃) NFTs.  \n  \nThe TON network is increasingly integrated with the Telegram ecosystem, via NFT. Telegram allows people to purchase numbers, domains and nicknames through cryptocurrency.  \n  \nATOP aims to give visibility into the addresses and details of the holders of these assets. Using this tool you will be able to retrieve:\n- Address of the owner\n- Scam status\n- Balance\n- Other related NFT\n  \nATOP supports:\n- TON DNS\n- TON NICKNAME\n- TON PHONE NUMBERS (+888)\n\n## INSTALLATION\n### 1. Git clone the repository.\n```\n$ git clone https://github.com/aaarghhh/a_TON_of_privacy.git\n$ cd a_TON_of_privacy\n```\nInstall dependencies using pip and the file requirements.\n```\n$ pip install -r requirements.txt\n```\n### 2. Via pipx\n```\n$ pipx install atop\n```\n## USAGE \n\n\nIf atop was installed as a **global package** (pipx): \n```\n$ a-ton-of-privacy --target \"+888 12345678\"\n```\nIf atop was installed cloning the repository, from the root directory of the repository:\n```\ncd src/\n# python -m atop.atop --target @whatiamlookingfor\n```\nIt retrieves information about a:\n- Telephone numbers\n```\n$ python3 /src/atop/atop.py --target \"+888 12345678\"\n```\n- Nickname \n```\n$ python3 /src/atop/atop.py --target @telegram_nickname\n```\n- Domain \n```\n$ python3 /src/atop/atop.py --target atop.ton\n```\nThe OUTPUT will contain information about the owner of the asset.\n```\nWelcome in the realm of.....\n\n ▄▄▄         ▄▄▄█████▓ ▒█████   ███▄    █     ▒█████    █████▒   \n▒████▄       ▓  ██▒ ▓▒▒██▒  ██▒ ██ ▀█   █    ▒██▒  ██▒▓██   ▒    \n▒██  ▀█▄     ▒ ▓██░ ▒░▒██░  ██▒▓██  ▀█ ██▒   ▒██░  ██▒▒████ ░    \n░██▄▄▄▄██    ░ ▓██▓ ░ ▒██   ██░▓██▒  ▐▌██▒   ▒██   ██░░▓█▒  ░    \n ▓█   ▓██▒     ▒██▒ ░ ░ ████▓▒░▒██░   ▓██░   ░ ████▓▒░░▒█░       \n ▒▒   ▓▒█░     ▒ ░░   ░ ▒░▒░▒░ ░ ▒░   ▒ ▒    ░ ▒░▒░▒░  ▒ ░       \n  ▒   ▒▒ ░       ░      ░ ▒ ▒░ ░ ░░   ░ ▒░     ░ ▒ ▒░  ░         \n  ░   ▒        ░      ░ ░ ░ ▒     ░   ░ ░    ░ ░ ░ ▒   ░ ░       \n      ░  ░                ░ ░           ░        ░ ░             \n                                                                 \n ██▓███   ██▀███   ██▓ ██▒   █▓ ▄▄▄       ▄████▄▓██   ██▓        \n▓██░  ██▒▓██ ▒ ██▒▓██▒▓██░   █▒▒████▄    ▒██▀ ▀█ ▒██  ██▒        \n▓██░ ██▓▒▓██ ░▄█ ▒▒██▒ ▓██  █▒░▒██  ▀█▄  ▒▓█    ▄ ▒██ ██░        \n▒██▄█▓▒ ▒▒██▀▀█▄  ░██░  ▒██ █░░░██▄▄▄▄██ ▒▓▓▄ ▄██▒░ ▐██▓░        \n▒██▒ ░  ░░██▓ ▒██▒░██░   ▒▀█░   ▓█   ▓██▒▒ ▓███▀ ░░ ██▒▓░        \n▒▓▒░ ░  ░░ ▒▓ ░▒▓░░▓     ░ ▐░   ▒▒   ▓▒█░░ ░▒ ▒  ░ ██▒▒▒         \n░▒ ░       ░▒ ░ ▒░ ▒ ░   ░ ░░    ▒   ▒▒ ░  ░  ▒  ▓██ ░▒░         \n░░         ░░   ░  ▒ ░     ░░    ░   ▒   ░       ▒ ▒ ░░          \n            ░      ░        ░        ░  ░░ ░     ░ ░             \n                           ░             ░       ░ ░             \nv 0.2.25\n\n [!] START CRAWLING.... NUMBER: +888XXXXXXXXXXXX\n\n [+]  Details for number: +8880XXXXXXXXXXXXXXXXX\n  ├  Owner address:  0:c8351922XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n  ├  Is scam:  False\n  ├  Last activity:  2023-XXXXXXXXXXXXx\n  ├  Balance:  0.9XXXXXXXXXX\n  └  ------------------------------------\n\n [+]  NFTs found: 2\n  ├  Address: EQCJXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n  |  Name: +888 XXXXXX, Kind: CollectionItem\n  |  Collection: Anonymous Telegram Numbers\n  |  Url: https://nft.fragment.com/number/XXXXX.webp\n  |\n  ├  Address: EQCnIG-ZXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n  |  Name: +888 XXXXXXX, Kind: CollectionItem\n  |  Collection: Anonymous Telegram Numbers\n  |  Url: https://nft.fragment.com/number/XXXXXX.webp\n  └  ------------------------------------\n\nProcess finished with exit code 0\n```\n## FLAGS \n- The flag `-c` supports pivots and in depth analysis, ATM it helps to correlate TON domains to ENS domains, simply pivoting on the second-level domain.\n```\n[+]  Details for domain ENS domain: xxxxxx.eth\n  ├  Owner address:  0xd8xxxxxxxxxxxxxxxxxxxxxxx\n  ├  Registration:  2020-xxxxxxxxxxxxxxxx\n  ├  Expiry:  2034-xxxxxxxxxxxxxxxxxxxxxx\n  └  ------------------------------------\n```\n- The flag `-t` enable a TOR SOCK5 proxy for each connection.\n\n- The flag `-s` is silent so it doesn't print any result on stdout. \n\n- The flag `-p` will enable the pivot from TON NFT to TELEGRAM account, this is a new feature that requires a fine tune in order to avoid bad OPSEC mistake. **PLEASE READ THE NEXT CHAPTER CAREFULLY**\n\n- The flag `-l` it's a flag that let to create a session string. The session string is a string that could be used to authenticate to Telegram avoiding the use of SQLLITE, this string could be used in .env file in order to investigate on +888 TON numbers.\n\n```\n [!] Please enter your API ID: 123232132131\n [!] Please enter your API Hash: 12321312321321321321321\n [!] Please enter your phone number: +112312312312 ( sock puppet account BEWARE!! )\nPlease enter your phone (or bot token): \u003e? +112312312312 ( sock puppet account BEWARE!! )\nPlease enter the code you received: \u003e? 12345\nWarning: Password input may be echoed.\nPlease enter your password: xxxxxxxx \n```\n\n- The parameter `--picpath`, if `-p` enabled, can contain a path where Telegram profile pics will be stored. Each file will be renamed as Telegram_id[.]extension.\n\n## TELEGRAM PIVOTING \n\nFor using this new feature you need to be sure that you properly **‼️ setup a clean dedicated sock puppet ‼️**.  \nYou can follow different guide on how to create them with a disposable number.\nThe sockpuppet need to be hardened as much is possible.\n\n### UNDER PRIVACY SETTINGS ON YOUR TELEGRAM CLIENT\n\nUse this setting in order to hardening your Telegram account.\n```\nPhone number -\u003e Nobody\nLast Seen / Online -\u003e Nobody \nProfile Pics -\u003e Nobody\nBio -\u003e Nobody\nForwarded Message -\u003e Nobody\nCalls -\u003e Nobody\nGroup \u0026 Channel -\u003e Nobody\n```\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github-production-user-asset-6210df.s3.amazonaws.com/968839/271731626-75fdfdde-a997-40c9-8cca-d32f444ad276.png\" /\u003e\n\u003c/p\u003e\n\nAfter the sock puppet creation, You'll need API HASH and API KEY. \nTelegram 'API_ID' and 'API_HASH', which you can get by creating a developers account using this link: https://my.telegram.org/.  \nPlace these values in a .env file in the directory where you launch or set environment variable for the session, along with the phone number of your Telegram account:\n\n```\nAPI_ID=123456\nAPI_HASH=aaaaaaaavvvvvvbbbbbbbbb1223\nPHONE_NUMBER=+11234XXXXXX\nSESSION_STRING=aabababababbababab123123...\n```\nIf your Telegram account was properly created and your file .env was installed in the directory where you launch the tool, a new SQLlite containing your Telegram session information will be created. If you'll use SESSION_STRING, the SQLlite file will be ignored and the authentication phase will skipped.\n\n## CREDITS\nSpecial thanks to Bellingcat Group for creating this project [Telegram Phone Number Checker](https://github.com/bellingcat/telegram-phone-number-checker), it helped me to realize that this method could be used on TON network too. \n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faaarghhh%2Fa_TON_of_privacy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faaarghhh%2Fa_TON_of_privacy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faaarghhh%2Fa_TON_of_privacy/lists"}