Notificar el sistema de notificación

Sinopsis

Notificar es un sistema de notificación versátil desarrollado por Project Discovery que permite enviar notificaciones en tiempo real a diversas plataformas y servicios. Está diseñado para simplificar el flujo de trabajo permitiendo a los usuarios utilizar la salida de herramientas de seguridad o archivos directamente a múltiples proveedores de notificación, como Discord, Slack, Telegram y más.

Lo que establece Notify apart from other notification tools is its seamless integration with security workflows and its ability to handle various input formatos. Puede procesar la salida de herramientas de seguridad en tiempo real, filtrar y formatear las notificaciones basadas en criterios específicos, y enviarlas a múltiples destinos simultáneamente. Esto lo convierte en una herramienta esencial para la automatización de la seguridad, permitiendo a los profesionales de la seguridad mantenerse informados sobre importantes hallazgos sin monitorear constantemente sus herramientas.

Notificar es comúnmente utilizado en tuberías de seguridad para alertar sobre vulnerabilidades descubiertas, subdominios nuevos, puertos abiertos o cualquier otro hallazgo significativo. Su flexibilidad y facilidad de integración lo convierten en un componente valioso en los flujos de trabajo de automatización de la seguridad, lo que permite una conciencia en tiempo real de las cuestiones de seguridad.

Instalación

Usando Go

# Install using Go (requires Go 1.20 or later)
go install -v github.com/projectdiscovery/notify/cmd/notify@latest

# Verify installation
notify -version

Usando Docker

# Pull the latest Docker image
docker pull projectdiscovery/notify:latest

# Run Notify using Docker
docker run -it projectdiscovery/notify:latest -h

Utilizando Homebrew (macOS)

# Install using Homebrew
brew install notify

# Verify installation
notify -version

Utilizando PDTM (Project Discovery Tools Manager)

# Install PDTM first if not already installed
go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest

# Install Notify using PDTM
pdtm -i notify

# Verify installation
notify -version

En Kali Linux

# Install using apt
sudo apt install notify

# Verify installation
notify -version

Uso básico

Envío de notificaciones

# Send a simple notification
echo "Hello, World!"|notify

# Send a notification with a custom message
echo "Hello, World!"|notify -message "Custom message: \\\\{\\\\{data\\\\}\\\\}"

# Send a notification from a file
cat results.txt|notify

# Send a notification with a specific provider
echo "Hello, World!"|notify -provider discord

Selección del proveedor

# Send to a specific provider
echo "Hello, World!"|notify -provider slack

# Send to multiple providers
echo "Hello, World!"|notify -provider slack,discord,telegram

# Send to all configured providers
echo "Hello, World!"|notify -provider all

Opciones de salida

# Save notification log to a file
echo "Hello, World!"|notify -log-file notify.log

# Enable verbose output
echo "Hello, World!"|notify -v

# Show debug information
echo "Hello, World!"|notify -debug

Configuración del proveedor

Configuración de disco

# Set Discord webhook URL
notify -set-discord-webhook https://discord.com/api/webhooks/your-webhook-url

# Set Discord username
notify -set-discord-username "Notify Bot"

# Set Discord avatar URL
notify -set-discord-avatar https://example.com/avatar.png

# Test Discord configuration
echo "Test message"|notify -provider discord

Configuración de Slack

# Set Slack webhook URL
notify -set-slack-webhook https://hooks.slack.com/services/your-webhook-url

# Set Slack username
notify -set-slack-username "Notify Bot"

# Set Slack channel
notify -set-slack-channel "#security-alerts"

# Test Slack configuration
echo "Test message"|notify -provider slack

Configuración de telegramas

# Set Telegram API token
notify -set-telegram-token your-api-token

# Set Telegram chat ID
notify -set-telegram-chat-id your-chat-id

# Test Telegram configuration
echo "Test message"|notify -provider telegram

Configuración de correo electrónico

# Set email SMTP server
notify -set-email-server smtp.gmail.com:587

# Set email credentials
notify -set-email-username your-email@gmail.com -set-email-password your-password

# Set email sender
notify -set-email-sender "Notify ``<notify@example.com>``"

# Set email recipient
notify -set-email-recipient recipient@example.com

# Test email configuration
echo "Test message"|notify -provider email

Configuración de equipos

# Set Microsoft Teams webhook URL
notify -set-teams-webhook https://outlook.office.com/webhook/your-webhook-url

# Test Teams configuration
echo "Test message"|notify -provider teams

Configuración Webhook personalizada

# Set custom webhook URL
notify -set-custom-webhook https://example.com/webhook

# Set custom webhook method
notify -set-custom-method POST

# Set custom webhook headers
notify -set-custom-headers "Content-Type: application/json,Authorization: Bearer token"

# Test custom webhook configuration
echo "Test message"|notify -provider custom

Uso avanzado

Formato de mensaje

# Use custom message format
echo "Vulnerability found!"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}"

# Use JSON data in message
echo '\\\\{"severity":"high","vuln":"XSS"\\\\}'|notify -message "\\\\{\\\\{json.severity\\\\}\\\\} severity \\\\{\\\\{json.vuln\\\\}\\\\} found!"

# Use HTML formatting
echo "<b>Bold text</b>"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -format html

Filtro de notificación

# Filter notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -filter "Error"

# Filter notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -filter-regex "CVE-202[2-3]-.*"

# Exclude notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -exclude "Warning"

# Exclude notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -exclude-regex "CVE-202[0-1]-.*"

Grupo de notificación

# Group notifications by ID
echo "Finding 1"|notify -id security
echo "Finding 2"|notify -id security

# Group notifications with delay
echo "Finding 1"|notify -id security -delay 60
echo "Finding 2"|notify -id security -delay 60

Notification Throttling

# Set notification delay
echo "Finding 1"|notify -delay 5

# Set maximum notifications per minute
echo "Finding 1"|notify -rate-limit 10

Integración con otras herramientas

Pipeline con Nuclei

# Send Nuclei findings to Discord
nuclei -u https://example.com -t cves/ -silent|notify -provider discord

# Send only critical findings to Slack
nuclei -u https://example.com -t cves/ -silent -severity critical|notify -provider slack

# Send findings with custom message format
nuclei -u https://example.com -t cves/ -json -silent|notify -message "Vulnerability found: \\\\{\\\\{json.info.name\\\\}\\\\} (\\\\{\\\\{json.info.severity\\\\}\\\\})"

Pipeline con Subfinder

# Send discovered subdomains to Telegram
subfinder -d example.com -silent|notify -provider telegram

# Send subdomains with custom message
subfinder -d example.com -silent|notify -message "New subdomain found: \\\\{\\\\{data\\\\}\\\\}"

Pipeline con HTTPX

# Send active HTTP services to Discord
httpx -l domains.txt -silent|notify -provider discord

# Send only specific status codes to Slack
httpx -l domains.txt -silent -status-code 200|notify -provider slack

Pipeline con Naabu

# Send open ports to Telegram
naabu -host example.com -silent|notify -provider telegram

# Send specific open ports to Discord
naabu -host example.com -silent -p 80,443,8080|notify -provider discord

Personalización de productos

Plantillas de mensaje personalizadas

# Use simple text template
echo "Finding"|notify -message "New finding: \\\\{\\\\{data\\\\}\\\\}"

# Use JSON data in template
echo '\\\\{"vuln":"XSS","url":"https://example.com"\\\\}'|notify -message "\\\\{\\\\{json.vuln\\\\}\\\\} found at \\\\{\\\\{json.url\\\\}\\\\}"

# Use conditional formatting
echo '\\\\{"severity":"high"\\\\}'|notify -message "\\\\{\\\\{if eq json.severity \"high\"\\\\}\\\\}CRITICAL ALERT\\\\{\\\\{else\\\\}\\\\}Alert\\\\{\\\\{end\\\\}\\\\}: \\\\{\\\\{json.severity\\\\}\\\\} severity finding"

Opciones de formato

# Use plain text format
echo "<b>Bold text</b>"|notify -format text

# Use HTML format
echo "<b>Bold text</b>"|notify -format html

# Use Markdown format
echo "**Bold text**"|notify -format markdown

Opciones de acoplamiento

# Send file as attachment
cat screenshot.png|notify -provider discord -attach screenshot.png

# Send multiple files as attachments
notify -provider discord -attach "screenshot.png,report.pdf" -message "Security findings"

Varios Características

Notificaciones a granel

# Send bulk notifications from a file
cat findings.txt|notify

# Process JSON lines
cat findings.jsonl|notify -json-input

Modo interactivo

# Start interactive mode
notify -interactive

# Send message in interactive mode
> Hello, World!

Control de salud

# Check provider health
notify -health-check

# Check specific provider health
notify -health-check -provider discord

Solución de problemas

Cuestiones comunes

1. ** Cuestiones de configuración de proveedores**

   # Verify provider configuration
   notify -provider-config

   # Reset provider configuration
   notify -reset-provider discord
   ```

2. ** Limitación de destino**
```bash
   # Add delay between notifications
   echo "Finding"|notify -delay 5

   # Set rate limit
   echo "Finding"|notify -rate-limit 10
   ```

3. ** Problemas de Formato de Mensajes**
```bash
   # Check message template
   echo "Finding"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -debug

   # Use simple message format first
   echo "Finding"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}"
   ```

4. ** Cuestiones relativas a la delincuencia**
```bash
   # Check provider credentials
   notify -provider-config

   # Update provider credentials
   notify -set-discord-webhook https://discord.com/api/webhooks/your-new-webhook-url
   ```

### Debugging

```bash
# Enable verbose mode
echo "Finding"|notify -v

# Show debug information
echo "Finding"|notify -debug

# Check provider configuration
notify -provider-config

Configuración

Archivo de configuración

Notificar utiliza un archivo de configuración ubicado en $HOME/.config/notify/provider-config.yaml_. Puede personalizar varios ajustes en este archivo:

# Example configuration file
discord:
  webhook: https://discord.com/api/webhooks/your-webhook-url
  username: Notify Bot
  avatar: https://example.com/avatar.png

slack:
  webhook: https://hooks.slack.com/services/your-webhook-url
  username: Notify Bot
  channel: "#security-alerts"

telegram:
  token: your-api-token
  chat_id: your-chat-id

email:
  server: smtp.gmail.com:587
  username: your-email@gmail.com
  password: your-password
  sender: "Notify ``<notify@example.com>``"
  recipient: recipient@example.com

Medio ambiente

# Set Notify configuration via environment variables
export NOTIFY_DISCORD_WEBHOOK=https://discord.com/api/webhooks/your-webhook-url
export NOTIFY_SLACK_WEBHOOK=https://hooks.slack.com/services/your-webhook-url
export NOTIFY_TELEGRAM_TOKEN=your-api-token
export NOTIFY_TELEGRAM_CHAT_ID=your-chat-id

Referencia

Opciones de línea de mando

Flag	Description
-provider	Provider(s) to send notification to
-message	Custom message format for notification
-id	ID to group notifications
-delay	Delay in seconds between notifications
-rate-limit	Maximum number of notifications per minute
-filter	Filter notifications by content
-filter-regex	Filter notifications by regex
-exclude	Exclude notifications by content
-exclude-regex	Exclude notifications by regex
-format	Format for notification (text, html, markdown)
-attach	File(s) to attach to notification
-json-input	Process input as JSON lines
-log-file	File to write notification log to
-v, -verbose	Show verbose output
-debug	Show debug information
-version	Show Notify version

Opciones de configuración del proveedor

Flag	Description
-set-discord-webhook	Set Discord webhook URL
-set-discord-username	Set Discord username
-set-discord-avatar	Set Discord avatar URL
-set-slack-webhook	Set Slack webhook URL
-set-slack-username	Set Slack username
-set-slack-channel	Set Slack channel
-set-telegram-token	Set Telegram API token
-set-telegram-chat-id	Set Telegram chat ID
-set-email-server	Set email SMTP server
-set-email-username	Set email username
-set-email-password	Set email password
-set-email-sender	Set email sender
-set-email-recipient	Set email recipient
-set-teams-webhook	Set Microsoft Teams webhook URL
-set-custom-webhook	Set custom webhook URL
-set-custom-method	Set custom webhook method
-set-custom-headers	Set custom webhook headers
-provider-config	Show provider configuration
-reset-provider	Reset provider configuration

Proveedores de apoyo

Provider	Description
discord	Discord messaging platform
slack	Slack messaging platform
telegram	Telegram messaging platform
email	Email notification
teams	Microsoft Teams messaging platform
custom	Custom webhook
all	All configured providers

Recursos

• Documentación oficial
• Repositorio GitHub
• Discord de descubrimiento del producto

-...

*Esta hoja de trampa proporciona una referencia completa para utilizar Notificar, desde notificaciones básicas a la integración avanzada con otras herramientas. Para la información más actualizada, consulte siempre la documentación oficial. *