Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
SharpBot
Selfbots are officially banned. For more information, see here.
SharpBot is an ever-expanding Discord selfbot powered by Discord.js that has a bunch of fun and useful commands. From automating boring tasks with shortcuts to fetching a random cat picture from the internet, SharpBot has it all! Features include Google searching, fetching extended information about users and servers, dice rolls, quoting messages, setting your game, shortening URLs, keeping track of your todo list, embedding messages, generating memes, and so much more!
FAQ
Commands
Table of contents
Usage
Requirements
git(Windows | Linux | macOS)node(Windows | Linux | macOS) (make sure to get the latest)yarn(Windows | Linux | macOS)
If you want a simple reason to use
yarninstead ofnpm, see here.
Installing
To install SharpBot, run the following command in Terminal / Git Bash / Command Prompt:
yarn global add sharpbot
Note: The first time you start the bot, you will enter the setup wizard. It takes just a few seconds to enter the needed information, and it sets up the bot for you.
Running
You can run the bot by running the command sharpbot in Terminal / Git Bash / Command Prompt.
Do
sharpbot --helpfor more options.
Updating
To update SharpBot, run the following command in Terminal / Git Bash / Command Prompt:
yarn global upgrade --latest sharpbot
Getting your user-token
- Open the Discord application
- Hit
CTRL+SHIFT+I(CMD+ALT+Ion macOS) to bring up the Developers Console
If you already see the
Applicationtab, you can skip step 2
- At the top, click on the arrow pointing to the right
- Click
Application - Go to
Local Storageunder theStoragesection - Click on
https://discordapp.com - At the bottom of the list, the last key should be
token - Copy the value on the right side (omitting the quotes)
Credits
The bot was originally a modified version of eslachance's djs-selfbot-v9, but over time I've completely rewritten it. The commands are a compilation of my own work as well as snippets found online.
Join Me
If you need help with my bot, have a feature to request or just want to chat, you can join my Discord server! If you don't have Discord, don't worry. It only takes a few moments to sign up.
This README.md has super cow powers.
FAQs
A Discord.js selfbot written by Rayzr - 60 second installation!
The npm package sharpbot receives a total of 2 weekly downloads. As such, sharpbot popularity was classified as not popular.
We found that sharpbot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 26 Jul 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026