Notify Notification System Cheat Sheet

Overview

Notify is a versatile notification system from Project Discovery that sends real-time notifications to a variety of platforms and services. It is designed to streamline workflows by letting users send the output of security tools or files directly to multiple notification providers such as Discord, Slack, Telegram and more.

What sets Notify apart from other notification tools is its seamless integration with security workflows and its ability to handle various input formats. It can process the output of security tools in real time, filter and format notifications based on specific criteria, and send them to multiple destinations simultaneously. This makes it an essential tool for security automation, keeping security professionals informed of important findings without having to monitor their tools constantly.

Notify is commonly used in security pipelines to report discovered vulnerabilities, new subdomains, open ports or other important results. Its flexibility and ease of integration make it a valuable component of security automation workflows, providing real-time awareness of security issues.

Installation

Using Go

# Install using Go (requires Go 1.20 or later)
go install -v github.com/projectdiscovery/notify/cmd/notify@latest

# Verify installation
notify -version

Using Docker

# Pull the latest Docker image
docker pull projectdiscovery/notify:latest

# Run Notify using Docker
docker run -it projectdiscovery/notify:latest -h

Using Homebrew (macOS)

# Install using Homebrew
brew install notify

# Verify installation
notify -version

Using PDTM (Project Discovery Tools Manager)

# Install PDTM first if not already installed
go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest

# Install Notify using PDTM
pdtm -i notify

# Verify installation
notify -version

On Kali Linux

# Install using apt
sudo apt install notify

# Verify installation
notify -version

Basic Usage

Sending Notifications

# Send a simple notification
echo "Hello, World!"|notify

# Send a notification with a custom message
echo "Hello, World!"|notify -message "Custom message: {{data}}"

# Send a notification from a file
cat results.txt|notify

# Send a notification with a specific provider
echo "Hello, World!"|notify -provider discord

Provider Selection

# Send to a specific provider
echo "Hello, World!"|notify -provider slack

# Send to multiple providers
echo "Hello, World!"|notify -provider slack,discord,telegram

# Send to all configured providers
echo "Hello, World!"|notify -provider all

Output Options

# Save notification log to a file
echo "Hello, World!"|notify -log-file notify.log

# Enable verbose output
echo "Hello, World!"|notify -v

# Show debug information
echo "Hello, World!"|notify -debug

Provider Configuration

Discord Configuration

# Set Discord webhook URL
notify -set-discord-webhook https://discord.com/api/webhooks/your-webhook-url

# Set Discord username
notify -set-discord-username "Notify Bot"

# Set Discord avatar URL
notify -set-discord-avatar https://example.com/avatar.png

# Test Discord configuration
echo "Test message"|notify -provider discord

Slack Configuration

# Set Slack webhook URL
notify -set-slack-webhook https://hooks.slack.com/services/your-webhook-url

# Set Slack username
notify -set-slack-username "Notify Bot"

# Set Slack channel
notify -set-slack-channel "#security-alerts"

# Test Slack configuration
echo "Test message"|notify -provider slack

Telegram Configuration

# Set Telegram API token
notify -set-telegram-token your-api-token

# Set Telegram chat ID
notify -set-telegram-chat-id your-chat-id

# Test Telegram configuration
echo "Test message"|notify -provider telegram

Email Configuration

# Set email SMTP server
notify -set-email-server smtp.gmail.com:587

# Set email credentials
notify -set-email-username your-email@gmail.com -set-email-password your-password

# Set email sender
notify -set-email-sender "Notify <notify@example.com>"

# Set email recipient
notify -set-email-recipient recipient@example.com

# Test email configuration
echo "Test message"|notify -provider email

Teams Configuration

# Set Microsoft Teams webhook URL
notify -set-teams-webhook https://outlook.office.com/webhook/your-webhook-url

# Test Teams configuration
echo "Test message"|notify -provider teams

Custom Webhook Configuration

# Set custom webhook URL
notify -set-custom-webhook https://example.com/webhook

# Set custom webhook method
notify -set-custom-method POST

# Set custom webhook headers
notify -set-custom-headers "Content-Type: application/json,Authorization: Bearer token"

# Test custom webhook configuration
echo "Test message"|notify -provider custom

Advanced Usage

Message Formatting

# Use custom message format
echo "Vulnerability found!"|notify -message "Alert: {{data}}"

# Use JSON data in message
echo '{"severity":"high","vuln":"XSS"}'|notify -message "{{json.severity}} severity {{json.vuln}} found!"

# Use HTML formatting
echo "<b>Bold text</b>"|notify -message "{{data}}" -format html

Notification Filtering

# Filter notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -filter "Error"

# Filter notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -filter-regex "CVE-202[2-3]-.*"

# Exclude notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -exclude "Warning"

# Exclude notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -exclude-regex "CVE-202[0-1]-.*"

Notification Grouping

# Group notifications by ID
echo "Finding 1"|notify -id security
echo "Finding 2"|notify -id security

# Group notifications with delay
echo "Finding 1"|notify -id security -delay 60
echo "Finding 2"|notify -id security -delay 60

Notification Throttling

# Set notification delay
echo "Finding 1"|notify -delay 5

# Set maximum notifications per minute
echo "Finding 1"|notify -rate-limit 10

Integration with Other Tools

Pipeline with Nuclei

# Send Nuclei findings to Discord
nuclei -u https://example.com -t cves/ -silent|notify -provider discord

# Send only critical findings to Slack
nuclei -u https://example.com -t cves/ -silent -severity critical|notify -provider slack

# Send findings with custom message format
nuclei -u https://example.com -t cves/ -json -silent|notify -message "Vulnerability found: {{json.info.name}} ({{json.info.severity}})"

Pipeline with Subfinder

# Send discovered subdomains to Telegram
subfinder -d example.com -silent|notify -provider telegram

# Send subdomains with custom message
subfinder -d example.com -silent|notify -message "New subdomain found: {{data}}"

Pipeline with HTTPX

# Send active HTTP services to Discord
httpx -l domains.txt -silent|notify -provider discord

# Send only specific status codes to Slack
httpx -l domains.txt -silent -status-code 200|notify -provider slack

Pipeline with Naabu

# Send open ports to Telegram
naabu -host example.com -silent|notify -provider telegram

# Send specific open ports to Discord
naabu -host example.com -silent -p 80,443,8080|notify -provider discord
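
The pipelines above forward raw scanner output to a third-party chat service on every run. The following is an added example, not part of Notify or the original page: two shell filters to place in front of `notify`, one that passes only lines not seen in earlier runs and one that masks credentials embedded in URLs. The function names `only_new` and `redact_secrets` and the state file name are assumptions.

```bash
# Added example (not Notify's own code): pre-send filters for a notify pipeline.

# only_new STATE_FILE
# Prints stdin lines that are not yet recorded in STATE_FILE and records them,
# so a scheduled scan reports each finding once instead of on every run.
only_new() {
  local state="$1"
  touch "$state"
  awk -v state="$state" '
    BEGIN { while ((getline line < state) > 0) seen[line] = 1; close(state) }
    !($0 in seen) { seen[$0] = 1; print; print >> state }
  '
}

# redact_secrets
# Masks URL userinfo (user:pass@host) and the values of common secret-bearing
# query parameters. Parameter names are matched in lower case only.
redact_secrets() {
  sed -E \
    -e 's,(://)[^/@?#[:space:]]+@,\1REDACTED@,g' \
    -e 's,([?&](token|access_token|api_key|apikey|key|secret|password)=)[^&#[:space:]]+,\1REDACTED,g'
}

# Usage with commands shown on this page (seen-subdomains.txt is a constructed name):
#   subfinder -d example.com -silent | only_new seen-subdomains.txt | notify -provider telegram
#   httpx -l domains.txt -silent | redact_secrets | notify -provider discord
```

Keep the state file outside any directory that is synced or shared, since it accumulates the full list of findings.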

Output Customization

Custom Message Templates

# Use simple text template
echo "Finding"|notify -message "New finding: {{data}}"

# Use JSON data in template
echo '{"vuln":"XSS","url":"https://example.com"}'|notify -message "{{json.vuln}} found at {{json.url}}"

# Use conditional formatting
echo '{"severity":"high"}'|notify -message "{{if eq json.severity \"high\"}}CRITICAL ALERT{{else}}Alert{{end}}: {{json.severity}} severity finding"

Format Options

# Use plain text format
echo "<b>Bold text</b>"|notify -format text

# Use HTML format
echo "<b>Bold text</b>"|notify -format html

# Use Markdown format
echo "**Bold text**"|notify -format markdown

Attachment Options

# Send file as attachment
cat screenshot.png|notify -provider discord -attach screenshot.png

# Send multiple files as attachments
notify -provider discord -attach "screenshot.png,report.pdf" -message "Security findings"

Features

Bulk Notifications

# Send bulk notifications from a file
cat findings.txt|notify

# Process JSON lines
cat findings.jsonl|notify -json-input

Interactive Mode

# Start interactive mode
notify -interactive

# Send message in interactive mode
> Hello, World!

Health Check

# Check provider health
notify -health-check

# Check specific provider health
notify -health-check -provider discord

Troubleshooting

Common Issues

1. **Provider Configuration Issues**
   ```bash
   # Verify provider configuration
   notify -provider-config

   # Reset provider configuration
   notify -reset-provider discord
   ```

2. **Rate Limiting**
   ```bash
   # Add delay between notifications
   echo "Finding"|notify -delay 5

   # Set rate limit
   echo "Finding"|notify -rate-limit 10
   ```

3. **Message Formatting Issues**
   ```bash
   # Check message template
   echo "Finding"|notify -message "{{data}}" -debug

   # Use simple message format first
   echo "Finding"|notify -message "Alert: {{data}}"
   ```

4. **Authentication Issues**
   ```bash
   # Check provider credentials
   notify -provider-config

   # Update provider credentials
   notify -set-discord-webhook https://discord.com/api/webhooks/your-new-webhook-url
   ```

### Debugging

```bash
# Enable verbose mode
echo "Finding"|notify -v

# Show debug information
echo "Finding"|notify -debug

# Check provider configuration
notify -provider-config
```

Configuration

Configuration File

Notify reads a configuration file at `$HOME/.config/notify/provider-config.yaml`. You can customize various settings in this file:

# Example configuration file
discord:
  webhook: https://discord.com/api/webhooks/your-webhook-url
  username: Notify Bot
  avatar: https://example.com/avatar.png

slack:
  webhook: https://hooks.slack.com/services/your-webhook-url
  username: Notify Bot
  channel: "#security-alerts"

telegram:
  token: your-api-token
  chat_id: your-chat-id

email:
  server: smtp.gmail.com:587
  username: your-email@gmail.com
  password: your-password
  sender: "Notify <notify@example.com>"
  recipient: recipient@example.com
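
The configuration file above stores webhook URLs, an API token and an SMTP password in plain text, so who can read or replace it matters. The following is an added example, not part of Notify or the original page: a permission audit for that file. The function names `audit_notify_config` and `_stat` are assumptions; the default path is the one given on this page.

```bash
# Added example (not Notify's own code): check who can read the provider config.

# stat wrapper: GNU coreutils format first, BSD/macOS format as fallback.
_stat() { stat -c "$1" "$3" 2>/dev/null || stat -f "$2" "$3"; }

# audit_notify_config [PATH]
# Returns 0 if clean, 1 if a problem was found, 2 if the file is missing.
audit_notify_config() {
  local cfg="${1:-$HOME/.config/notify/provider-config.yaml}"  # path from this page
  local dir mode dmode owner rc=0

  [ -e "$cfg" ] || { echo "missing: $cfg" >&2; return 2; }
  dir=$(dirname "$cfg")

  # A symlink can redirect reads and writes to a file someone else controls.
  if [ -L "$cfg" ]; then echo "FAIL: $cfg is a symlink"; rc=1; fi

  # Any group/other permission bit exposes the webhooks, token and SMTP password.
  mode=$(_stat '%a' '%Lp' "$cfg")
  if [ $((0$mode & 077)) -ne 0 ]; then
    echo "FAIL: $cfg has mode $mode, expected 600 (fix: chmod 600 $cfg)"; rc=1
  fi

  # The file should belong to the account that runs notify.
  owner=$(_stat '%u' '%u' "$cfg")
  if [ "$owner" != "$(id -u)" ]; then
    echo "FAIL: $cfg is owned by uid $owner, not $(id -u)"; rc=1
  fi

  # A group- or world-writable directory lets other users swap the file.
  dmode=$(_stat '%a' '%Lp' "$dir")
  if [ $((0$dmode & 022)) -ne 0 ]; then
    echo "FAIL: $dir has mode $dmode and is writable by group/other"; rc=1
  fi

  [ "$rc" -eq 0 ] && echo "OK: $cfg (mode $mode)"
  return "$rc"
}
```

Run it before a scheduled pipeline starts and stop the job on a non-zero exit status.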

Environment Variables

# Set Notify configuration via environment variables
export NOTIFY_DISCORD_WEBHOOK=https://discord.com/api/webhooks/your-webhook-url
export NOTIFY_SLACK_WEBHOOK=https://hooks.slack.com/services/your-webhook-url
export NOTIFY_TELEGRAM_TOKEN=your-api-token
export NOTIFY_TELEGRAM_CHAT_ID=your-chat-id

Reference

Command-Line Options

| Flag | Description |
|------|-------------|
| `-provider` | Provider(s) to send notification to |
| `-message` | Custom message format for notification |
| `-id` | ID to group notifications |
| `-delay` | Delay in seconds between notifications |
| `-rate-limit` | Maximum number of notifications per minute |
| `-filter` | Filter notifications by content |
| `-filter-regex` | Filter notifications by regex |
| `-exclude` | Exclude notifications by content |
| `-exclude-regex` | Exclude notifications by regex |
| `-format` | Format for notification (text, html, markdown) |
| `-attach` | File(s) to attach to notification |
| `-json-input` | Process input as JSON lines |
| `-log-file` | File to write notification log to |
| `-v` | Show verbose output |
| `-debug` | Show debug information |
| `-version` | Show Notify version |

### Provider Configuration Options
| Flag | Description |
|------|-------------|
| `-set-discord-webhook` | Set Discord webhook URL |
| `-set-discord-username` | Set Discord username |
| `-set-discord-avatar` | Set Discord avatar URL |
| `-set-slack-webhook` | Set Slack webhook URL |
| `-set-slack-username` | Set Slack username |
| `-set-slack-channel` | Set Slack channel |
| `-set-telegram-token` | Set Telegram API token |
| `-set-telegram-chat-id` | Set Telegram chat ID |
| `-set-email-server` | Set email SMTP server |
| `-set-email-username` | Set email username |
| `-set-email-password` | Set email password |
| `-set-email-sender` | Set email sender |
| `-set-email-recipient` | Set email recipient |
| `-set-teams-webhook` | Set Microsoft Teams webhook URL |
| `-set-custom-webhook` | Set custom webhook URL |
| `-set-custom-method` | Set custom webhook method |
| `-set-custom-headers` | Set custom webhook headers |
| `-provider-config` | Show provider configuration |
| `-reset-provider` | Reset provider configuration |

### Supported Providers
| Provider | Description |
|----------|-------------|
| `discord` | Discord messaging platform |
| `slack` | Slack messaging platform |
| `telegram` | Telegram messaging platform |
| `email` | Email notification |
| `teams` | Microsoft Teams messaging platform |
| `custom` | Custom webhook |
| `all` | All configured providers |

Resources

--

*This cheat sheet provides a comprehensive reference for using Notify, from basic notifications to advanced integration with other tools. For the most up-to-date information, always refer to the official documentation.*