Zum Inhalt

Benachrichtigen Benachrichtigung System Cheat Sheet

Überblick

Benachrichtigen ist ein vielseitiges Benachrichtigungssystem von Project Discovery, das es ermöglicht, Echtzeit-Benachrichtigungen an verschiedene Plattformen und Services zu senden. Es ist entworfen, um den Workflow zu optimieren, indem es Benutzern ermöglicht, die Ausgabe von Sicherheitstools oder Dateien direkt an mehrere Benachrichtigungsanbieter, wie Discord, Slack, Telegram und mehr zu senden.

Benachrichtigen von anderen Benachrichtigungstools ist seine nahtlose Integration mit Sicherheits-Workflows und seine Fähigkeit, verschiedene Eingabeformate zu handhaben. Es kann die Ausgabe von Sicherheitstools in Echtzeit verarbeiten, filtern und formatieren die Benachrichtigungen basierend auf bestimmten Kriterien, und senden Sie sie an mehrere Ziele gleichzeitig. Dies macht es zu einem unverzichtbaren Werkzeug für die Sicherheitsautomatisierung, so dass Sicherheitsexperten über wichtige Erkenntnisse informiert bleiben, ohne ständig ihre Werkzeuge zu überwachen.

Benachrichtigen wird häufig in Sicherheitspipelines verwendet, um über entdeckte Schwachstellen, neue Subdomains, offene Ports oder andere wichtige Ergebnisse zu informieren. Seine Flexibilität und einfache Integration machen es zu einer wertvollen Komponente in den Workflows der Sicherheitsautomatisierung und ermöglicht das Echtzeitbewusstsein von Sicherheitsfragen.

Installation

Verwenden Sie Go

```bash

Install using Go (requires Go 1.20 or later)

go install -v github.com/projectdiscovery/notify/cmd/notify@latest

Verify installation

notify -version ```_

Verwendung von Docker

```bash

Pull the latest Docker image

docker pull projectdiscovery/notify:latest

Run Notify using Docker

docker run -it projectdiscovery/notify:latest -h ```_

Verwendung von Homebrew (macOS)

```bash

Install using Homebrew

brew install notify

Verify installation

notify -version ```_

Verwendung von PDTM (Projekt Discovery Tools Manager)

```bash

Install PDTM first if not already installed

go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest

Install Notify using PDTM

pdtm -i notify

Verify installation

notify -version ```_

Auf Kali Linux

```bash

Install using apt

sudo apt install notify

Verify installation

notify -version ```_

Basisnutzung

Mitteilungen senden

```bash

Send a simple notification

echo "Hello, World!"|notify

Send a notification with a custom message

echo "Hello, World!"|notify -message "Custom message: \\{\\{data\\}\\}"

Send a notification from a file

cat results.txt|notify

Send a notification with a specific provider

echo "Hello, World!"|notify -provider discord ```_

Auswahl der Anbieter

```bash

Send to a specific provider

echo "Hello, World!"|notify -provider slack

Send to multiple providers

echo "Hello, World!"|notify -provider slack,discord,telegram

Send to all configured providers

echo "Hello, World!"|notify -provider all ```_

Ausgabeoptionen

```bash

Save notification log to a file

echo "Hello, World!"|notify -log-file notify.log

Enable verbose output

echo "Hello, World!"|notify -v

Show debug information

echo "Hello, World!"|notify -debug ```_

Konfiguration des Anbieters

Discord Konfiguration

```bash

Set Discord webhook URL

notify -set-discord-webhook https://discord.com/api/webhooks/your-webhook-url

Set Discord username

notify -set-discord-username "Notify Bot"

Set Discord avatar URL

notify -set-discord-avatar https://example.com/avatar.png

Test Discord configuration

echo "Test message"|notify -provider discord ```_

Slack Konfiguration

```bash

Set Slack webhook URL

notify -set-slack-webhook https://hooks.slack.com/services/your-webhook-url

Set Slack username

notify -set-slack-username "Notify Bot"

Set Slack channel

notify -set-slack-channel "#security-alerts"

Test Slack configuration

echo "Test message"|notify -provider slack ```_

Telegram Konfiguration

```bash

Set Telegram API token

notify -set-telegram-token your-api-token

Set Telegram chat ID

notify -set-telegram-chat-id your-chat-id

Test Telegram configuration

echo "Test message"|notify -provider telegram ```_

E-Mail Konfiguration

```bash

Set email SMTP server

notify -set-email-server smtp.gmail.com:587

Set email credentials

notify -set-email-username your-email@gmail.com -set-email-password your-password

Set email sender

notify -set-email-sender "Notify <notify@example.com>"

Set email recipient

notify -set-email-recipient recipient@example.com

Test email configuration

echo "Test message"|notify -provider email ```_

Teams Konfiguration

```bash

Set Microsoft Teams webhook URL

notify -set-teams-webhook https://outlook.office.com/webhook/your-webhook-url

Test Teams configuration

echo "Test message"|notify -provider teams ```_

Benutzerdefinierte Webhook Konfiguration

```bash

Set custom webhook URL

notify -set-custom-webhook https://example.com/webhook

Set custom webhook method

notify -set-custom-method POST

Set custom webhook headers

notify -set-custom-headers "Content-Type: application/json,Authorization: Bearer token"

Test custom webhook configuration

echo "Test message"|notify -provider custom ```_

Erweiterte Nutzung

Nachrichtenformatierung

```bash

Use custom message format

echo "Vulnerability found!"|notify -message "Alert: \\{\\{data\\}\\}"

Use JSON data in message

echo '\\{"severity":"high","vuln":"XSS"\\}'|notify -message "\\{\\{json.severity\\}\\} severity \\{\\{json.vuln\\}\\} found!"

Use HTML formatting

echo "Bold text"|notify -message "\\{\\{data\\}\\}" -format html ```_

Anmeldung Filter

```bash

Filter notifications by content

echo -e "Error 1\nWarning 2\nError 3"|notify -filter "Error"

Filter notifications by regex

echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -filter-regex "CVE-202[2-3]-.*"

Exclude notifications by content

echo -e "Error 1\nWarning 2\nError 3"|notify -exclude "Warning"

Exclude notifications by regex

echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -exclude-regex "CVE-202[0-1]-.*" ```_

Benachrichtigungsgruppe

```bash

Group notifications by ID

echo "Finding 1"|notify -id security echo "Finding 2"|notify -id security

Group notifications with delay

echo "Finding 1"|notify -id security -delay 60 echo "Finding 2"|notify -id security -delay 60 ```_

Notierung Drosselung

```bash

Set notification delay

echo "Finding 1"|notify -delay 5

Set maximum notifications per minute

echo "Finding 1"|notify -rate-limit 10 ```_

Integration mit anderen Tools

Pipeline mit Nuclei

```bash

Send Nuclei findings to Discord

nuclei -u https://example.com -t cves/ -silent|notify -provider discord

Send only critical findings to Slack

nuclei -u https://example.com -t cves/ -silent -severity critical|notify -provider slack

Send findings with custom message format

nuclei -u https://example.com -t cves/ -json -silent|notify -message "Vulnerability found: \\{\\{json.info.name\\}\\} (\\{\\{json.info.severity\\}\\})" ```_

Pipeline mit Subfinder

```bash

Send discovered subdomains to Telegram

subfinder -d example.com -silent|notify -provider telegram

Send subdomains with custom message

subfinder -d example.com -silent|notify -message "New subdomain found: \\{\\{data\\}\\}" ```_

Pipeline mit HTTPX

```bash

Send active HTTP services to Discord

httpx -l domains.txt -silent|notify -provider discord

Send only specific status codes to Slack

httpx -l domains.txt -silent -status-code 200|notify -provider slack ```_

Pipeline mit Naabu

```bash

Send open ports to Telegram

naabu -host example.com -silent|notify -provider telegram

Send specific open ports to Discord

naabu -host example.com -silent -p 80,443,8080|notify -provider discord ```_

Produktionsanpassung

Benutzerdefinierte Nachrichtenvorlagen

```bash

Use simple text template

echo "Finding"|notify -message "New finding: \\{\\{data\\}\\}"

Use JSON data in template

echo '\\{"vuln":"XSS","url":"https://example.com"\\}'|notify -message "\\{\\{json.vuln\\}\\} found at \\{\\{json.url\\}\\}"

Use conditional formatting

echo '\\{"severity":"high"\\}'|notify -message "\\{\\{if eq json.severity \"high\"\\}\\}CRITICAL ALERT\\{\\{else\\}\\}Alert\\{\\{end\\}\\}: \\{\\{json.severity\\}\\} severity finding" ```_

Formatierungsoptionen

```bash

Use plain text format

echo "Bold text"|notify -format text

Use HTML format

echo "Bold text"|notify -format html

Use Markdown format

echo "Bold text"|notify -format markdown ```_

Befestigungsoptionen

```bash

Send file as attachment

cat screenshot.png|notify -provider discord -attach screenshot.png

Send multiple files as attachments

notify -provider discord -attach "screenshot.png,report.pdf" -message "Security findings" ```_

Verschiedenes Eigenschaften

Bulk Notifications

```bash

Send bulk notifications from a file

cat findings.txt|notify

Process JSON lines

cat findings.jsonl|notify -json-input ```_

Interaktiver Modus

```bash

Start interactive mode

notify -interactive

Send message in interactive mode

Hello, World! ```_

Gesundheitscheck

```bash

Check provider health

notify -health-check

Check specific provider health

notify -health-check -provider discord ```_

Fehlerbehebung

Gemeinsame Themen

  1. *Provider Configuration Issues ```bash # Verify provider configuration notify -provider-config

# Reset provider configuration notify -reset-provider discord

```_

  1. Beschränkung ```bash # Add delay between notifications echo "Finding"|notify -delay 5

# Set rate limit echo "Finding"|notify -rate-limit 10

```_

  1. *Message Formatierungsfragen ```bash # Check message template echo "Finding"|notify -message "\\{\\{data\\}\\}" -debug

# Use simple message format first echo "Finding"|notify -message "Alert: \\{\\{data\\}\\}"

```_

  1. ** Authentifizierungsfragen* ```bash # Check provider credentials notify -provider-config

# Update provider credentials notify -set-discord-webhook https://discord.com/api/webhooks/your-new-webhook-url

```_

Debugging

```bash

Enable verbose mode

echo "Finding"|notify -v

Show debug information

echo "Finding"|notify -debug

Check provider configuration

notify -provider-config ```_

Konfiguration

Datei konfigurieren

Eine Konfigurationsdatei unter $HOME/.config/notify/provider-config.yaml__. Sie können verschiedene Einstellungen in dieser Datei anpassen:

```yaml

Example configuration file

discord: webhook: https://discord.com/api/webhooks/your-webhook-url username: Notify Bot avatar: https://example.com/avatar.png

slack: webhook: https://hooks.slack.com/services/your-webhook-url username: Notify Bot channel: "#security-alerts"

telegram: token: your-api-token chat_id: your-chat-id

email: server: smtp.gmail.com:587 username: your-email@gmail.com password: your-password sender: "Notify <notify@example.com>" recipient: recipient@example.com ```_

Umweltvariablen

```bash

Set Notify configuration via environment variables

export NOTIFY_DISCORD_WEBHOOK=https://discord.com/api/webhooks/your-webhook-url export NOTIFY_SLACK_WEBHOOK=https://hooks.slack.com/services/your-webhook-url export NOTIFY_TELEGRAM_TOKEN=your-api-token export NOTIFY_TELEGRAM_CHAT_ID=your-chat-id ```_

Sachgebiet

Kommandozeilenoptionen

| | Flag | Description | | | --- | --- | | | -provider | Provider(s) to send notification to | | | | -message | Custom message format for notification | | | | -id | ID to group notifications | | | | -delay | Delay in seconds between notifications | | | | -rate-limit | Maximum number of notifications per minute | | | | -filter | Filter notifications by content | | | | -filter-regex | Filter notifications by regex | | | | -exclude | Exclude notifications by content | | | | -exclude-regex | Exclude notifications by regex | | | | -format | Format for notification (text, html, markdown) | | | | -attach | File(s) to attach to notification | | | | -json-input | Process input as JSON lines | | | | -log-file | File to write notification log to | | | | -v, -verbose | Show verbose output | | | | -debug | Show debug information | | | | -version | Show Notify version | |

Optionen zur Konfiguration des Providers

| | Flag | Description | | | --- | --- | | | -set-discord-webhook | Set Discord webhook URL | | | | -set-discord-username | Set Discord username | | | | -set-discord-avatar | Set Discord avatar URL | | | | -set-slack-webhook | Set Slack webhook URL | | | | -set-slack-username | Set Slack username | | | | -set-slack-channel | Set Slack channel | | | | -set-telegram-token | Set Telegram API token | | | | -set-telegram-chat-id | Set Telegram chat ID | | | | -set-email-server | Set email SMTP server | | | | -set-email-username | Set email username | | | | -set-email-password | Set email password | | | | -set-email-sender | Set email sender | | | | -set-email-recipient | Set email recipient | | | | -set-teams-webhook | Set Microsoft Teams webhook URL | | | | -set-custom-webhook | Set custom webhook URL | | | | -set-custom-method | Set custom webhook method | | | | -set-custom-headers | Set custom webhook headers | | | | -provider-config | Show provider configuration | | | | -reset-provider | Reset provider configuration | |

Unterstützte Provider

| | Provider | Description | | | --- | --- | | | discord | Discord messaging platform | | | | slack | Slack messaging platform | | | | telegram | Telegram messaging platform | | | | email | Email notification | | | | teams | Microsoft Teams messaging platform | | | | custom | Custom webhook | | | | all | All configured providers | |

Ressourcen

  • [offizielle Dokumentation](__LINK_3___
  • [GitHub Repository](_LINK_3__
  • [Project Discovery Discord](__LINK_3___

--

*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von Benachrichtigen, von grundlegenden Benachrichtigungen bis hin zur erweiterten Integration mit anderen Werkzeugen. Für die aktuellsten Informationen finden Sie immer die offizielle Dokumentation. *