🕵️ Find Who's Behind Any Telegram Account

Tutorials & Methods
,
1

:crystal_ball: Every Working Telegram Lookup Tool in One Place

:world_map: One-Line Flow: Find who’s behind an account, what data leaked about them, and which groups they’re in. How? Phone number → permanent ID → leaked databases → cross-platform usernames → real identity. That’s it. That’s the whole game.

:skull: Why This Matters

Most “Telegram OSINT tips” circulating are dead techniques from 2021 that got patched years ago.
This separates what’s still breathing from what’s been buried — so you stop wasting time on recycled garbage.
Zero skills needed. Just know where to look and what buttons to press.

:headstone: What’s Dead (Stop Using These)

People Nearby / Trilateration — RIP 2024

Remember that trick where you spoof GPS from 3 points and triangulate someone’s exact location?

Killed by Telegram after Durov’s arrest. Pavel personally announced it’s gone. The “People Nearby” feature no longer exists. Geogramint, Telegram Nearby Map — all of it is paperweights now.

You’ll still find tutorials about this everywhere. They’re all obsolete.

Phone Number URL Check (t.me/+PHONENUMBER)

The tip from the screenshot you showed me.

Reality: ~90% of users have “Who can find me by phone number” set to “My Contacts” or “Nobody.”

What you get now: "Sorry, there is no such user" almost every time.

Only works on accounts with weak privacy settings. Which is almost nobody who matters.

:white_check_mark: What Actually Works

:key: The Permanent Anchor: User ID

Usernames change. Phone numbers change. Display names change.

User ID never changes. Assigned at registration, permanent forever.

This is your tracking anchor. Everything else is noise.

How to get it
  • Forward any message from them to @IDBot
  • Or use @UserInfoBot, @Telesint
  • Telepathy tool does this programmatically

:page_facing_up: File Metadata (This Is The Real Shit)


Telegram STRIPS: Images (all EXIF/GPS gone) Telegram PRESERVES: PDF, DOCX, XLSX, MP4, MOV

PDFs and Word docs keep author names, “Last Modified By”, creation software, timestamps.

Run exiftool suspicious_file.pdf on anything shared in channels.

Why this matters

APT28 got attributed partly because their phishing docs had "Last Modified By: Сергей" in Cyrillic.

People upload docs thinking they’re safe. They’re not.

:link: Forward Message Tracking

Every forwarded message carries metadata linking back to the original source.

This creates a graph. Channel A forwarded from B which forwarded from C.

Map disinformation networks. Find the original source. See who’s connected to who.

Tool for this

Telepathy by jordanwildon — creates edgelists automatically

telepathy -t channelname --forwards

Outputs CSV you can throw into Gephi for visualization.

:spiral_calendar: Account Age Estimation

IDs are assigned roughly sequentially. Known ID/date pairs allow interpolation.

Use case: Detect sock puppets. New account pushing old narratives = suspicious.

Bots that do this
  • @creationdatebot
  • @regdate_clone_bot

GitHub: karipov/creationDate

:detective: The Leak Bot Ecosystem

Russian/CIS Telegram has bots that aggregate breach data. Phone → email → social accounts → real name.

They get taken down constantly. They reappear under new names constantly.

Currently active (changes weekly)
Bot What it does
@GetContactBot Russian TrueCaller. Names people saved your number as.
@SocialMediaLeaksBOT Leaked social media data
@karma_cybersec_bot Ukrainian. ID/name/phone/email lookup
@ssb_russian_probiv_bot Russian “probiv” (lookup)
@HowToFindRU_Robot Paid. Searches harvested leak datasets

:warning: These bots require YOUR phone number to use. They now have it too. Use burners.

:microscope: The Swiss Army Knife: Telepathy

Most serious practitioners use one tool: Telepathy (originally jordanwildon, now prose-intelligence-ltd)

What it does
  • Archive entire chats (CSV + JSON + media)
  • Scrape member lists (up to 5k visible)
  • Map forward relationships between channels
  • User activity analysis
  • Location-based searches
  • Handles rate limits gracefully (doesn’t lose data)
git clone https://github.com/prose-intelligence-ltd/Telepathy-Community.git
pip install -r requirements.txt

Requires Telegram API credentials from my.telegram.org (free) [/details]

:brain: Non-Obvious Insights

[details=“Things most guides don’t mention”] 1. Service messages are timeline markers “User X joined the group” = exact timestamps for activity reconstruction

2. Replies create partial subscriber lists Can’t see channel subscribers. BUT users who reply ARE visible. Partial enumeration through engagement.

3. Deleted content isn’t gone

  • Telemetr.io indexes deleted posts (7 days, free tier)
  • Wayback Machine archives Telegram since 2022

4. Aged accounts see more Fresh burner accounts get worse results. API returns different data based on account age/history. “Invisible” members become visible to accounts that have “seen” them before.

5. Same API key, multiple phone numbers = parallel scans Telepathy supports -a flag for alternative numbers.

:round_pushpin: Where Insiders Actually Operate

Channels worth following
  • @ibederov_en — Igor Bederov, active researcher
  • @HowToFind / @HowToFind_RU — tips and links
  • @CyberDetective — essential, English
  • Интернет-Розыск — Russian OSINT news
  • Утечки информации — leak announcements
GitHub repos that stay updated
  • The-Osint-Toolbox/Telegram-OSINT — maintained post-Durov arrest
  • ItIsMeCall911/Awesome-Telegram-OSINT
  • prose-intelligence-ltd/Telepathy-Community
  • rescenic/telegram-osint — includes regex analysis
Research orgs doing real work
  • Molfar Intelligence Institute (Ukrainian)
  • OS2INT (workflow articles at os2int.com/toolbox/)
  • Bellingcat (phone checker tool on GitHub)

:high_voltage: Quick Reference Workflows

Phone Number → Identity 
1. Bellingcat Phone Checker → linked to Telegram?
2. If yes → @IDBot → get user ID
3. @creationdatebot → account age
4. @GetContactBot → what names people saved it as
5. @SocialMediaLeaksBOT → breach data
6. Cross-ref VK/Instagram via Russian bots
Username → Full Profile 
1. @IDBot → permanent Telegram ID
2. Sherlock / WhatsMyName → same username elsewhere
3. Google: site:t.me "username"
4. TGStat / Telemetr.io → channel activity
5. Wayback Machine → archived content
6. Telepathy → if they're in accessible groups
Channel Investigation 
1. telepathy -t channelname → basic scan
2. Archive with date range
3. --forwards flag → map connected channels
4. exiftool on any PDF/DOCX/video shared
5. Gephi → visualize network

:warning: OPSEC

  • Burner phone for API registration
  • Leak bots now have YOUR number
  • Fresh accounts get worse results — age them
  • Desktop app only for export functions
  • True OSINT is passive. Don’t interact.

“The real signal lives in the metadata: the user who changed their username three times in a month, the forwarded message that links two seemingly unrelated scam groups, or the historic profile picture that reveals a face before the account went anon.”

The “private” messenger has more leaks than a submarine made of swiss cheese. Now you know where to look.

The tools are free. The bots are live. The rest is just clicking buttons.

11 Likes
2

always posting the good stuff

2 Likes
3

the bot is paid i guess? do you have any free one?

4

Most of those bots want your money after 2 clicks. Here’s the stuff that’s actually free — self-hosted scripts, unlimited bots, and the tricks nobody talks about.

:world_map: One-Line Flow: Run your own lookups for $0 using free scripts and bots. How? Burner account → free API key → self-hosted tools = unlimited searches. The bots just monetize your laziness.

:money_with_wings: Why Free Matters Here

You don’t need to pay anyone to search leaked databases or cross-reference usernames. The data is already public — you’re just paying for someone else’s server time. Every “premium” bot is running the same open-source code you can run yourself. The difference? They added a payment wall and a Telegram wrapper.

🛠️ Self-Hosted Scripts (Run Yourself, Actually Free Forever)

These require a free Telegram API key from my.telegram.org + a burner account. That’s it.

Tool What It Does Link
Bellingcat Phone Checker Phone → Telegram account (username, ID, name, photo) github.com/bellingcat/telegram-phone-number-checker
Telepathy Archive chats, scrape memberlists, map forwards, analyze posters github.com/prose-intelligence-ltd/Telepathy-Community
Maigret Username → 3000+ sites cross-platform github.com/soxoj/maigret
Sherlock Username → 400+ platforms github.com/sherlock-project/sherlock
Holehe Email → 120+ site registration check (silent, no alerts) github.com/megadose/holehe
Telethon Raw Python API — build literally anything github.com/LonamiWebs/Telethon

Quick setup for any of these:

git clone [repo]
cd [folder]
pip install -r requirements.txt
python main.py

First run asks for API ID + Hash from my.telegram.org. Use a burner number.

🤖 100% Free Bots (No Install, Unlimited)

These cost nothing. No limits. No catches.

Bot What It Does
@userinfobot Get any user’s Telegram ID from username
@creationdatebot Estimate when an account was created
@username_to_id_bot Username → numeric ID converter
@SangMataInfo_bot Username change history tracker
@WhoisDomBot Domain WHOIS lookup
@MsisdnInfoBot Phone region + operator (basic info)
@osint_maigret_bot Username cross-platform search (runs Maigret)

These are the foundation. Start here before paying anyone.

🎫 Free Tier Bots (Limited Daily, But Still Free)

These have paywalls but give you enough free queries to be useful.

Bot Free Tier Function
@tgdb_search_bot 5/day Shows which groups a user is in
@Quick_OSINT_bot 2-3 free Phone/email leaks, social links
@GetGmail_bot Limited Gmail account connections
@UniversalSearchBot Limited Yandex/social media links
@PhoneLeaks_bot Limited Phone number leak search
@yandexidbot Limited Yandex email → phone number

Pro move: Make multiple Telegram accounts with different burner numbers. Each gets fresh free tier.

🇺🇦 Ukrainian OSINT Bots (Free, War-Focused)

These are specifically built for conflict research. They get banned constantly — follow their channels for updated links.

Bot Focus
@OsintKit Russian war criminals database
@karma_cybersec_bot ID/name/phone/email lookup (Ukrainian dev)

:warning: These bots require sharing your phone number. Use a burner.

🌐 Free Web Tools (No Account, No Install)

Just open and search.

Site What It Does
tg-user.id Username → ID converter (instant)
tgstat.ru Channel analytics, keyword search
telemetr.io Analytics + deleted posts (7 days, free tier)
lyzem.com Search messages across public channels
xtea.io Telegram search engine
search.buzz.im Public channel message search
web.archive.org Deleted Telegram content (archived since 2022)

Google Dork: site:t.me "username" or site:t.me "keyword"

🧠 Hidden Free Tricks Nobody Mentions

  1. Telemetr.io deleted posts — Free tier shows deleted content from the last 7 days. Most people don’t know this exists.

  2. TelegramDB /where command — Shows groups a user is in. 5 free queries per day at @tgdb_search_bot.

  3. ExifTool on Telegram files — Telegram strips metadata from images but preserves it on PDFs, DOCX, XLSX, MP4, MOV. Download any document, run exiftool filename.pdf, get author names, creation dates, sometimes timezones.

  4. Wayback Machine Telegram archiveweb.archive.org has been archiving Telegram since 2022. Deleted channels/posts often still exist there.

  5. Multiple API sessions — Same API key works with different phone numbers. Run parallel searches without hitting rate limits.

  6. Forward message metadata — When someone forwards a message, it carries traceable data back to the original source. Telepathy can map these relationships automatically.

⚡ The Broke OSINT Stack (Copy This) 
Username → @osint_maigret_bot (free, instant, 3000+ sites)
Phone → Bellingcat checker (self-hosted, unlimited)
Email → Holehe (self-hosted, 120+ sites, silent)
User ID → @userinfobot (free, instant)
Group membership → @tgdb_search_bot (5/day free)
Account age → @creationdatebot (free)
Leaks → @Quick_OSINT_bot (couple free per account)
Deleted content → telemetr.io or Wayback Machine

This stack costs $0 and covers 90% of what the paid bots do.

💀 What About Eye of God / Глаз Бога?

Got raided in early 2025. Putin signed a law with 10-year prison sentences for unauthorized personal data distribution. Their Russian office got searched, service got shut down in RF.

The bot still technically exists but it’s sketchy now. Alternatives that do similar things:

:key: The Real Answer

The paid bots are just running open-source code on their servers. You can run the exact same tools yourself for free. The only thing you’re paying for is convenience.

If you want zero effort: use the free tier bots above.
If you want unlimited: spend 10 minutes setting up Maigret or Holehe.

Telegram: where privacy goes to feel safe and metadata goes to snitch. :magnifying_glass_tilted_left:

2 Likes