Notify Notification System Cheat Sheet

Overview

Notify is a versatile notification system developed by Project Discovery that allows sending real-time notifications to various platforms and services. It’s designed to streamline the workflow by enabling users to pipe the output of security tools or files directly to multiple notification providers, such as Discord, Slack, Telegram, and more.

What sets Notify apart from other notification tools is its seamless integration with security workflows and its ability to handle various input formats. It can process the output of security tools in real-time, filter and format the notifications based on specific criteria, and send them to multiple destinations simultaneously. This makes it an essential tool for security automation, allowing security professionals to stay informed about important findings without constantly monitoring their tools.

Notify is commonly used in security pipelines to alert about discovered vulnerabilities, new subdomains, open ports, or any other significant findings. Its flexibility and ease of integration make it a valuable component in security automation workflows, enabling real-time awareness of security issues.

Installation

Using Go

# Install using Go (requires Go 1.20 or later)
go install -v github.com/projectdiscovery/notify/cmd/notify@latest

# Verify installation
notify -version

Using Docker

# Pull the latest Docker image
docker pull projectdiscovery/notify:latest

# Run Notify using Docker
docker run -it projectdiscovery/notify:latest -h

Using Homebrew (macOS)

# Install using Homebrew
brew install notify

# Verify installation
notify -version

Using PDTM (Project Discovery Tools Manager)

# Install PDTM first if not already installed
go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest

# Install Notify using PDTM
pdtm -i notify

# Verify installation
notify -version

On Kali Linux

# Install using apt
sudo apt install notify

# Verify installation
notify -version

Basic Usage

Sending Notifications

# Send a simple notification
echo "Hello, World!"|notify

# Send a notification with a custom message
echo "Hello, World!"|notify -message "Custom message: \\\\{\\\\{data\\\\}\\\\}"

# Send a notification from a file
cat results.txt|notify

# Send a notification with a specific provider
echo "Hello, World!"|notify -provider discord

Provider Selection

# Send to a specific provider
echo "Hello, World!"|notify -provider slack

# Send to multiple providers
echo "Hello, World!"|notify -provider slack,discord,telegram

# Send to all configured providers
echo "Hello, World!"|notify -provider all

Output Options

# Save notification log to a file
echo "Hello, World!"|notify -log-file notify.log

# Enable verbose output
echo "Hello, World!"|notify -v

# Show debug information
echo "Hello, World!"|notify -debug

Provider Configuration

Discord Configuration

# Set Discord webhook URL
notify -set-discord-webhook https://discord.com/api/webhooks/your-webhook-url

# Set Discord username
notify -set-discord-username "Notify Bot"

# Set Discord avatar URL
notify -set-discord-avatar https://example.com/avatar.png

# Test Discord configuration
echo "Test message"|notify -provider discord

Slack Configuration

# Set Slack webhook URL
notify -set-slack-webhook https://hooks.slack.com/services/your-webhook-url

# Set Slack username
notify -set-slack-username "Notify Bot"

# Set Slack channel
notify -set-slack-channel "#security-alerts"

# Test Slack configuration
echo "Test message"|notify -provider slack

Telegram Configuration

# Set Telegram API token
notify -set-telegram-token your-api-token

# Set Telegram chat ID
notify -set-telegram-chat-id your-chat-id

# Test Telegram configuration
echo "Test message"|notify -provider telegram

Email Configuration

# Set email SMTP server
notify -set-email-server smtp.gmail.com:587

# Set email credentials
notify -set-email-username your-email@gmail.com -set-email-password your-password

# Set email sender
notify -set-email-sender "Notify ``<notify@example.com>``"

# Set email recipient
notify -set-email-recipient recipient@example.com

# Test email configuration
echo "Test message"|notify -provider email

Teams Configuration

# Set Microsoft Teams webhook URL
notify -set-teams-webhook https://outlook.office.com/webhook/your-webhook-url

# Test Teams configuration
echo "Test message"|notify -provider teams

Custom Webhook Configuration

# Set custom webhook URL
notify -set-custom-webhook https://example.com/webhook

# Set custom webhook method
notify -set-custom-method POST

# Set custom webhook headers
notify -set-custom-headers "Content-Type: application/json,Authorization: Bearer token"

# Test custom webhook configuration
echo "Test message"|notify -provider custom

Advanced Usage

Message Formatting

# Use custom message format
echo "Vulnerability found!"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}"

# Use JSON data in message
echo '\\\\{"severity":"high","vuln":"XSS"\\\\}'|notify -message "\\\\{\\\\{json.severity\\\\}\\\\} severity \\\\{\\\\{json.vuln\\\\}\\\\} found!"

# Use HTML formatting
echo "<b>Bold text</b>"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -format html

Notification Filtering

# Filter notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -filter "Error"

# Filter notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -filter-regex "CVE-202[2-3]-.*"

# Exclude notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -exclude "Warning"

# Exclude notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -exclude-regex "CVE-202[0-1]-.*"

Notification Grouping

# Group notifications by ID
echo "Finding 1"|notify -id security
echo "Finding 2"|notify -id security

# Group notifications with delay
echo "Finding 1"|notify -id security -delay 60
echo "Finding 2"|notify -id security -delay 60

Notification Throttling

# Set notification delay
echo "Finding 1"|notify -delay 5

# Set maximum notifications per minute
echo "Finding 1"|notify -rate-limit 10

Integration with Other Tools

Pipeline with Nuclei

# Send Nuclei findings to Discord
nuclei -u https://example.com -t cves/ -silent|notify -provider discord

# Send only critical findings to Slack
nuclei -u https://example.com -t cves/ -silent -severity critical|notify -provider slack

# Send findings with custom message format
nuclei -u https://example.com -t cves/ -json -silent|notify -message "Vulnerability found: \\\\{\\\\{json.info.name\\\\}\\\\} (\\\\{\\\\{json.info.severity\\\\}\\\\})"

Pipeline with Subfinder

# Send discovered subdomains to Telegram
subfinder -d example.com -silent|notify -provider telegram

# Send subdomains with custom message
subfinder -d example.com -silent|notify -message "New subdomain found: \\\\{\\\\{data\\\\}\\\\}"

Pipeline with HTTPX

# Send active HTTP services to Discord
httpx -l domains.txt -silent|notify -provider discord

# Send only specific status codes to Slack
httpx -l domains.txt -silent -status-code 200|notify -provider slack

Pipeline with Naabu

# Send open ports to Telegram
naabu -host example.com -silent|notify -provider telegram

# Send specific open ports to Discord
naabu -host example.com -silent -p 80,443,8080|notify -provider discord

Output Customization

Custom Message Templates

# Use simple text template
echo "Finding"|notify -message "New finding: \\\\{\\\\{data\\\\}\\\\}"

# Use JSON data in template
echo '\\\\{"vuln":"XSS","url":"https://example.com"\\\\}'|notify -message "\\\\{\\\\{json.vuln\\\\}\\\\} found at \\\\{\\\\{json.url\\\\}\\\\}"

# Use conditional formatting
echo '\\\\{"severity":"high"\\\\}'|notify -message "\\\\{\\\\{if eq json.severity \"high\"\\\\}\\\\}CRITICAL ALERT\\\\{\\\\{else\\\\}\\\\}Alert\\\\{\\\\{end\\\\}\\\\}: \\\\{\\\\{json.severity\\\\}\\\\} severity finding"

Formatting Options

# Use plain text format
echo "<b>Bold text</b>"|notify -format text

# Use HTML format
echo "<b>Bold text</b>"|notify -format html

# Use Markdown format
echo "**Bold text**"|notify -format markdown

Attachment Options

# Send file as attachment
cat screenshot.png|notify -provider discord -attach screenshot.png

# Send multiple files as attachments
notify -provider discord -attach "screenshot.png,report.pdf" -message "Security findings"

Miscellaneous Features

Bulk Notifications

# Send bulk notifications from a file
cat findings.txt|notify

# Process JSON lines
cat findings.jsonl|notify -json-input

Interactive Mode

# Start interactive mode
notify -interactive

# Send message in interactive mode
> Hello, World!

Health Check

# Check provider health
notify -health-check

# Check specific provider health
notify -health-check -provider discord

Troubleshooting

Common Issues

1. Provider Configuration Issues

   # Verify provider configuration
   notify -provider-config
   
   # Reset provider configuration
   notify -reset-provider discord

2. Rate Limiting

   # Add delay between notifications
   echo "Finding"|notify -delay 5
   
   # Set rate limit
   echo "Finding"|notify -rate-limit 10

3. Message Formatting Issues

   # Check message template
   echo "Finding"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -debug
   
   # Use simple message format first
   echo "Finding"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}"

4. Authentication Issues

   # Check provider credentials
   notify -provider-config
   
   # Update provider credentials
   notify -set-discord-webhook https://discord.com/api/webhooks/your-new-webhook-url

Debugging

# Enable verbose mode
echo "Finding"|notify -v

# Show debug information
echo "Finding"|notify -debug

# Check provider configuration
notify -provider-config

Configuration

Configuration File

Notify uses a configuration file located at $HOME/.config/notify/provider-config.yaml. You can customize various settings in this file:

# Example configuration file
discord:
  webhook: https://discord.com/api/webhooks/your-webhook-url
  username: Notify Bot
  avatar: https://example.com/avatar.png

slack:
  webhook: https://hooks.slack.com/services/your-webhook-url
  username: Notify Bot
  channel: "#security-alerts"

telegram:
  token: your-api-token
  chat_id: your-chat-id

email:
  server: smtp.gmail.com:587
  username: your-email@gmail.com
  password: your-password
  sender: "Notify ``<notify@example.com>``"
  recipient: recipient@example.com

Environment Variables

# Set Notify configuration via environment variables
export NOTIFY_DISCORD_WEBHOOK=https://discord.com/api/webhooks/your-webhook-url
export NOTIFY_SLACK_WEBHOOK=https://hooks.slack.com/services/your-webhook-url
export NOTIFY_TELEGRAM_TOKEN=your-api-token
export NOTIFY_TELEGRAM_CHAT_ID=your-chat-id

Reference

Command Line Options

Flag	Description
-provider	Provider(s) to send notification to
-message	Custom message format for notification
-id	ID to group notifications
-delay	Delay in seconds between notifications
-rate-limit	Maximum number of notifications per minute
-filter	Filter notifications by content
-filter-regex	Filter notifications by regex
-exclude	Exclude notifications by content
-exclude-regex	Exclude notifications by regex
-format	Format for notification (text, html, markdown)
-attach	File(s) to attach to notification
-json-input	Process input as JSON lines
-log-file	File to write notification log to
-v, -verbose	Show verbose output
-debug	Show debug information
-version	Show Notify version

Provider Configuration Options

Flag	Description
-set-discord-webhook	Set Discord webhook URL
-set-discord-username	Set Discord username
-set-discord-avatar	Set Discord avatar URL
-set-slack-webhook	Set Slack webhook URL
-set-slack-username	Set Slack username
-set-slack-channel	Set Slack channel
-set-telegram-token	Set Telegram API token
-set-telegram-chat-id	Set Telegram chat ID
-set-email-server	Set email SMTP server
-set-email-username	Set email username
-set-email-password	Set email password
-set-email-sender	Set email sender
-set-email-recipient	Set email recipient
-set-teams-webhook	Set Microsoft Teams webhook URL
-set-custom-webhook	Set custom webhook URL
-set-custom-method	Set custom webhook method
-set-custom-headers	Set custom webhook headers
-provider-config	Show provider configuration
-reset-provider	Reset provider configuration

Supported Providers

Provider	Description
discord	Discord messaging platform
slack	Slack messaging platform
telegram	Telegram messaging platform
email	Email notification
teams	Microsoft Teams messaging platform
custom	Custom webhook
all	All configured providers

Resources

• Official Documentation
• GitHub Repository
• Project Discovery Discord

---

This cheat sheet provides a comprehensive reference for using Notify, from basic notifications to advanced integration with other tools. For the most up-to-date information, always refer to the official documentation.