OTP-Bot

Join our discord --> Discord

A powerful, menu-driven Telegram OTP bot that automates @ttacks via phone calls and SMS, using third party API to get the data.

This platform includes a built-in, tiered subscription management system. As the owner, you can grant access to other users under flexible plans: 7-day, monthly, quarterly, or lifetime, allowing you to monetize and scale your operation with minimal overhead. Admins retain full control: add or remove users, assign admin privileges, and manage access levels, all through an intuitive Telegram interface. It’s not just a tool, it’s a scalable, self-contained business model.

Features:

• Automated V1shing (Voice Ph1shing)
• SMS Ph1shing (Sm1shing)
• Pre-Built Scripts (Credit Card, Bank Account, PIN, OTP, SSN, Driver's License, Apple Pay)
• Fully Customizable Scripts
• Multi-Step Data H@rvesting (e.g., C@rd Nvmber -> CVV -> Expiry)
• Real-Time Data Delivery (Sends info directly to Telegram)
• Call Recording & Delivery (Sends MP3 recording of the entire call)
• Machine Detection (Hangs up on voicemail/answering machines)
• Interactive Voice Response (IVR) (Uses DTMF tones for vic input)
• Call/SMS Status Updates (Ringing, Answered, Busy, Delivered, etc.)
• Admin Panel & User Management (Add/Delete Admins & Users)
• Subscription Tiers (Test, 7 Days, 1 Month, 3 Months, Lifetime)
• US Number Validation (Ensures targets are in correct format)

Check it out --> Discord

⚠️ DISCLAIMER — READ CAREFULLY BEFORE USING THIS SOFTWARE ⚠️

This repository contains a proof-of-concept educational tool intended strictly for authorized security research, penetration testing, and educational purposes within legally compliant environments. It is NOT intended for — and must NOT be used for — any form of illegal activity, harassment, fraud, unauthorized surveillance, or real-world phishing attacks against individuals or organizations.

🔹 LEGAL WARNING:

• Using this tool to phish, scam, or extract personal/financial information (including OTPs, SSNs, credit card data, etc.) from individuals without their explicit consent is illegal in virtually all jurisdictions and violates multiple federal and international laws (including but not limited to CFAA, GDPR, CCPA, TCPA, and wire fraud statutes).
• Phone-based social engineering (vishing), SMS phishing (smishing), or any form of deception to harvest sensitive data is a criminal offense if performed without authorization.
• The owner, contributors, and distributors of this code accept no liability for misuse, damages, legal consequences, or criminal prosecution resulting from unauthorized deployment.

🔹 ETHICAL & RESPONSIBLE USE ONLY:

• This tool should only be used in controlled environments (e.g., red team labs, authorized penetration tests, or educational demos) with written consent from all parties involved.
• Do not target real phone numbers, real institutions, or real individuals.
• Do not monetize, distribute, or operate this as a “business model” targeting unsuspecting victims — doing so is unethical and unlawful.

🔹 NO WARRANTY: This software is provided “AS IS”, without warranty of any kind, express or implied. The authors disclaim all liability for any damages, data loss, legal penalties, or system failures arising from use or misuse of this tool.

🔹 YOU ARE RESPONSIBLE: By cloning, building, or deploying this code, you acknowledge that you alone are responsible for ensuring your actions comply with all applicable laws and ethical standards. Ignorance is not a defense.